Filtered by vendor Solarwinds
Subscriptions
Total
269 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-23474 | 1 Solarwinds | 1 Access Rights Manager | 2024-09-10 | 7.6 High |
| The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability. | ||||
| CVE-2024-23471 | 1 Solarwinds | 1 Access Rights Manager | 2024-09-10 | 9.6 Critical |
| The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. | ||||
| CVE-2024-23469 | 1 Solarwinds | 1 Access Rights Manager | 2024-09-10 | 9.6 Critical |
| SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges. | ||||
| CVE-2023-40062 | 1 Solarwinds | 1 Solarwinds Platform | 2024-09-05 | 8 High |
| SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability would allow a low-privileged user to execute commands with SYSTEM privileges. | ||||
| CVE-2023-33226 | 1 Solarwinds | 1 Network Configuration Manager | 2024-09-05 | 8 High |
| The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. | ||||
| CVE-2023-33227 | 1 Solarwinds | 1 Network Configuration Manager | 2024-09-05 | 8 High |
| The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges. | ||||
| CVE-2023-33228 | 1 Solarwinds | 1 Network Configuration Manager | 2024-09-05 | 4.5 Medium |
| The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information. | ||||
| CVE-2023-40054 | 1 Solarwinds | 1 Network Configuration Manager | 2024-09-04 | 8 High |
| The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226 | ||||
| CVE-2023-40055 | 1 Solarwinds | 1 Network Configuration Manager | 2024-09-03 | 8 High |
| The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33227 | ||||
| CVE-2024-23476 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-27 | 9.6 Critical |
| The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution. | ||||
| CVE-2023-40058 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-27 | 6.5 Medium |
| Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. | ||||
| CVE-2024-23467 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-22 | 9.6 Critical |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote code execution. | ||||
| CVE-2024-23468 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-22 | 7.6 High |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. | ||||
| CVE-2024-23472 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-22 | 9.6 Critical |
| SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM. | ||||
| CVE-2024-28992 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-22 | 7.6 High |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. | ||||
| CVE-2024-28993 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-22 | 7.6 High |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. | ||||
| CVE-2024-23466 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-22 | 9.6 Critical |
| SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges. | ||||
| CVE-2024-28986 | 1 Solarwinds | 2 Web Help Desk, Webhelpdesk | 2024-08-16 | 9.8 Critical |
| SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available. | ||||
| CVE-2024-23478 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-12 | 8 High |
| SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution. | ||||
| CVE-2023-40057 | 1 Solarwinds | 1 Access Rights Manager | 2024-08-12 | 9 Critical |
| The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. | ||||