A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution.
https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36961
https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm
Source: MITRE
Published: 2022-09-30
Updated: 2022-10-04
Type: CWE-89