Filtered by vendor Solarwinds
Subscriptions
Total
269 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-23836 | 1 Solarwinds | 1 Orion Platform | 2024-08-02 | 7.2 High |
SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands. | ||||
CVE-2023-23839 | 1 Solarwinds | 1 Solarwinds Platform | 2024-08-02 | 6.5 Medium |
The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information. | ||||
CVE-2023-23840 | 1 Solarwinds | 1 Orion Platform | 2024-08-02 | 6.8 Medium |
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges. | ||||
CVE-2023-3622 | 1 Solarwinds | 1 Solarwinds Platform | 2024-08-02 | 4.3 Medium |
Access Control Bypass Vulnerability in the SolarWinds Platform that allows an underprivileged user to read arbitrary resource | ||||
CVE-2024-28996 | 1 Solarwinds | 1 Solarwinds Platform | 2024-08-02 | 7.5 High |
The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability. | ||||
CVE-2024-28995 | 1 Solarwinds | 1 Serv-u | 2024-08-02 | 8.6 High |
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. | ||||
CVE-2024-28999 | 1 Solarwinds | 1 Solarwinds Platform | 2024-08-02 | 6.4 Medium |
The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. | ||||
CVE-2024-29004 | 1 Solarwinds | 1 Solarwinds Platform | 2024-08-02 | 7.1 High |
The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability. | ||||
CVE-2024-23477 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-01 | 7.9 High |
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. |