Metrics
Affected Vendors & Products
Solution
SolarWinds recommends that customers upgrade to SolarWinds Database Performance Analyzer 2025.3 as soon as it becomes available.
Workaround
No workaround given by the vendor.
Tue, 12 Aug 2025 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Solarwinds
Solarwinds database Performance Analyzer |
|
Vendors & Products |
Solarwinds
Solarwinds database Performance Analyzer |
Tue, 12 Aug 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 12 Aug 2025 08:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle (MITM) attack against users. This vulnerability requires additional software not installed by default, local access to the server and administrator level privileges on the host. | |
Title | SolarWinds Database Performance Analyzer Hard-coded Cryptographic Key Vulnerability | |
Weaknesses | CWE-798 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: SolarWinds
Published:
Updated: 2025-08-13T15:03:57.855Z
Reserved: 2025-02-08T00:19:09.395Z
Link: CVE-2025-26398

Updated: 2025-08-12T15:55:37.675Z

Status : Awaiting Analysis
Published: 2025-08-12T08:15:26.193
Modified: 2025-08-12T14:25:33.177
Link: CVE-2025-26398

No data.

Updated: 2025-08-12T19:53:23Z