cvedb.io
CVE-2021-35235
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2021-10-27T01:15:07.463 · Last modified 2026-06-17T03:57:21.333

Summary

The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. Debug mode causes ASP.NET to compile applications with extra information. The information enables a debugger to closely monitor and control the execution of an application. If an attacker could successfully start a remote debugging session, this is likely to disclose sensitive information about the web application and supporting infrastructure that may be valuable in targeting SWI with malicious intent.

Affected products

solarwinds — kiwi_syslog_server

Does this affect you?

Add your gear to cvedb and we'll alert you only when solarwinds ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.