Filtered by vendor Solarwinds
Subscriptions
Filtered by product Serv-u
Subscriptions
Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-3154 | 1 Solarwinds | 1 Serv-u | 2024-08-03 | 7.5 High |
An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481. | ||||
CVE-2022-38106 | 1 Solarwinds | 1 Serv-u | 2024-08-03 | 5.4 Medium |
This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function. | ||||
CVE-2023-40053 | 1 Solarwinds | 1 Serv-u | 2024-08-02 | 5 Medium |
A vulnerability has been identified within Serv-U 15.4 that allows an authenticated actor to insert content on the file share function feature of Serv-U, which could be used maliciously. | ||||
CVE-2023-40060 | 1 Solarwinds | 1 Serv-u | 2024-08-02 | 7.2 High |
A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely fixed in 15.4 Hotfix 1. | ||||
CVE-2023-35179 | 1 Solarwinds | 1 Serv-u | 2024-08-02 | 7.2 High |
A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. | ||||
CVE-2023-23841 | 1 Solarwinds | 1 Serv-u | 2024-08-02 | 7.5 High |
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data. | ||||
CVE-2024-28995 | 1 Solarwinds | 1 Serv-u | 2024-08-02 | 8.6 High |
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. |