Filtered by vendor Solarwinds
Subscribe
Total
290 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45717 | 1 Solarwinds | 1 Solarwinds Platform | 2025-02-06 | N/A | 7.0 HIGH |
| The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node information section of the user interface. This vulnerability requires authentication and requires user interaction. | |||||
| CVE-2023-23838 | 2 Microsoft, Solarwinds | 2 Windows, Database Performance Analyzer | 2025-02-04 | N/A | 6.5 MEDIUM |
| Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server. | |||||
| CVE-2023-23837 | 2 Microsoft, Solarwinds | 2 Windows, Database Performance Analyzer | 2025-02-04 | N/A | 7.5 HIGH |
| No exception handling vulnerability which revealed sensitive or excessive information to users. | |||||
| CVE-2024-0692 | 1 Solarwinds | 1 Security Event Manager | 2025-01-21 | N/A | 8.8 HIGH |
| The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution. | |||||
| CVE-2024-29004 | 1 Solarwinds | 1 Solarwinds Platform | 2024-11-21 | N/A | 7.1 HIGH |
| The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability. | |||||
| CVE-2024-28999 | 1 Solarwinds | 1 Solarwinds Platform | 2024-11-21 | N/A | 6.4 MEDIUM |
| The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. | |||||
| CVE-2024-28996 | 1 Solarwinds | 1 Solarwinds Platform | 2024-11-21 | N/A | 7.5 HIGH |
| The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability. | |||||
| CVE-2024-28993 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 7.6 HIGH |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. | |||||
| CVE-2024-28992 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 7.6 HIGH |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. | |||||
| CVE-2024-28074 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 9.6 CRITICAL |
| It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. While some controls were implemented the researcher was able to bypass these and use a different method to exploit the vulnerability. | |||||
| CVE-2024-23479 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 9.6 CRITICAL |
| SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. | |||||
| CVE-2024-23478 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 8.0 HIGH |
| SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution. | |||||
| CVE-2024-23477 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 7.9 HIGH |
| The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. | |||||
| CVE-2024-23476 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 9.6 CRITICAL |
| The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution. | |||||
| CVE-2024-23475 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 9.6 CRITICAL |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. | |||||
| CVE-2024-23474 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 7.6 HIGH |
| The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability. | |||||
| CVE-2024-23472 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 9.6 CRITICAL |
| SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM. | |||||
| CVE-2024-23471 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 9.6 CRITICAL |
| The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. | |||||
| CVE-2024-23470 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 9.6 CRITICAL |
| The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables. | |||||
| CVE-2024-23469 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 9.6 CRITICAL |
| SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges. | |||||