SolarWinds Service Desk is affected by a broken access control vulnerability. The issue allows authenticated users to escalate privileges, leading to unauthorized data manipulation.
The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.