{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-26398", "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "state": "PUBLISHED", "assignerShortName": "SolarWinds", "dateReserved": "2025-02-08T00:19:09.395Z", "datePublished": "2025-08-12T08:10:54.116Z", "dateUpdated": "2025-08-13T15:03:57.855Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Database Performance Analyzer", "vendor": "SolarWinds", "versions": [{"status": "affected", "version": "2025.2 and below"}]}], "datePublic": "2025-08-11T23:59:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">SolarWinds Database Performance Analyzer was found to </span><span style=\"background-color: rgb(255, 255, 255);\">contain</span><span style=\"background-color: rgb(255, 255, 255);\"> a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle (</span><span style=\"background-color: rgb(255, 255, 255);\">M</span><span style=\"background-color: rgb(255, 255, 255);\">I</span><span style=\"background-color: rgb(255, 255, 255);\">TM</span><span style=\"background-color: rgb(255, 255, 255);\">) attack against users. This vulnerability requires </span><span style=\"background-color: rgb(255, 255, 255);\">additional</span> <span style=\"background-color: rgb(255, 255, 255);\">software not installed by </span><span style=\"background-color: rgb(255, 255, 255);\">default,</span><span style=\"background-color: rgb(255, 255, 255);\"> local access to the server and administrator level privileges</span><span style=\"background-color: rgb(255, 255, 255);\"> on the host.</span>\n\n<br>"}], "value": "SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle (MITM) attack against users. This vulnerability requires additional software not installed by default, local access to the server and administrator level privileges on the host."}], "impacts": [{"capecId": "CAPEC-21", "descriptions": [{"lang": "en", "value": "CAPEC-21 Exploitation of Trusted Credentials"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2025-08-12T08:10:54.116Z"}, "references": [{"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26398"}, {"url": "https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2025-3_release_notes.htm"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "SolarWinds recommends that customers upgrade to SolarWinds \n\n Database Performance Analyzer 2025.3\n\n as soon as it becomes available.\n\n<br>"}], "value": "SolarWinds recommends that customers upgrade to SolarWinds \n\n Database Performance Analyzer 2025.3\n\n as soon as it becomes available."}], "source": {"discovery": "UNKNOWN"}, "title": "SolarWinds Database Performance Analyzer Hard-coded Cryptographic Key Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-12T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-26398"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-13T15:03:57.855Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-26398", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-12T15:55:33.330811Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-12T15:55:37.675Z"}}], "cna": {"title": "SolarWinds Database Performance Analyzer Hard-coded Cryptographic Key Vulnerability", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-21", "descriptions": [{"lang": "en", "value": "CAPEC-21 Exploitation of Trusted Credentials"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SolarWinds", "product": "Database Performance Analyzer", "versions": [{"status": "affected", "version": "2025.2 and below"}], "defaultStatus": "affected"}], "solutions": [{"lang": "en", "value": "SolarWinds recommends that customers upgrade to SolarWinds \n\n Database Performance Analyzer 2025.3\n\n as soon as it becomes available.", "supportingMedia": [{"type": "text/html", "value": "SolarWinds recommends that customers upgrade to SolarWinds \n\n Database Performance Analyzer 2025.3\n\n as soon as it becomes available.\n\n<br>", "base64": false}]}], "datePublic": "2025-08-11T23:59:00.000Z", "references": [{"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26398"}, {"url": "https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2025-3_release_notes.htm"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle (MITM) attack against users. This vulnerability requires additional software not installed by default, local access to the server and administrator level privileges on the host.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">SolarWinds Database Performance Analyzer was found to </span><span style=\"background-color: rgb(255, 255, 255);\">contain</span><span style=\"background-color: rgb(255, 255, 255);\"> a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle (</span><span style=\"background-color: rgb(255, 255, 255);\">M</span><span style=\"background-color: rgb(255, 255, 255);\">I</span><span style=\"background-color: rgb(255, 255, 255);\">TM</span><span style=\"background-color: rgb(255, 255, 255);\">) attack against users. This vulnerability requires </span><span style=\"background-color: rgb(255, 255, 255);\">additional</span> <span style=\"background-color: rgb(255, 255, 255);\">software not installed by </span><span style=\"background-color: rgb(255, 255, 255);\">default,</span><span style=\"background-color: rgb(255, 255, 255);\"> local access to the server and administrator level privileges</span><span style=\"background-color: rgb(255, 255, 255);\"> on the host.</span>\n\n<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2025-08-12T08:10:54.116Z"}}}, "cveMetadata": {"cveId": "CVE-2025-26398", "state": "PUBLISHED", "dateUpdated": "2025-08-13T15:03:57.855Z", "dateReserved": "2025-02-08T00:19:09.395Z", "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "datePublished": "2025-08-12T08:10:54.116Z", "assignerShortName": "SolarWinds"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:database_performance_analyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "7E94BDA9-997F-434F-AE62-D9CED8BDB2CF", "versionEndExcluding": "2025.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle (MITM) attack against users. This vulnerability requires additional software not installed by default, local access to the server and administrator level privileges on the host."}, {"lang": "es", "value": "Se descubri\u00f3 que SolarWinds Database Performance Analyzer conten\u00eda una clave criptogr\u00e1fica codificada. Si se explota, esta vulnerabilidad podr\u00eda provocar un ataque de m\u00e1quina en el medio (MITM) contra los usuarios. Esta vulnerabilidad requiere software adicional no instalado por defecto, acceso local al servidor y privilegios de administrador en el host."}], "id": "CVE-2025-26398", "lastModified": "2025-11-17T16:10:05.080", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.3, "impactScore": 5.2, "source": "psirt@solarwinds.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-08-12T08:15:26.193", "references": [{"source": "psirt@solarwinds.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2025-3_release_notes.htm"}, {"source": "psirt@solarwinds.com", "tags": ["Vendor Advisory", "Patch"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-26398"}], "sourceIdentifier": "psirt@solarwinds.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "psirt@solarwinds.com", "type": "Primary"}]}

{}

{"created": "2025-08-12T19:53:23.824846+00:00", "updated": "2025-08-12T19:53:23.824908+00:00", "vendors": ["solarwinds", "solarwinds$PRODUCT$database_performance_analyzer"]}