) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
This is not the latest report. Click
here to view the latest report.
CVSS v3.1 Statistics for SolarWinds as of 08/04/2023
0
320
40
306
Reference
0-69.9%
|
|
Provider |
95.6
Contributor
70-94.9%
Provider
95-100%
| CVE | CNA Value | Alignment | NIST Value | Reason |
|---|---|---|---|---|
CVE-2021-35226
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
| CVE-2021-35246 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2021-35252
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
| CVE-2022-36960 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2022-36961
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
| CVE-2022-36962 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2022-36963
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
| CVE-2022-36964 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2022-36965
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Changed | Scope (S) Changed | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2022-36966
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2022-38106
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Changed | Scope (S) Changed | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2022-38107
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
| CVE-2022-38108 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2022-38110
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Changed | Scope (S) Changed | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None | |||
| CVE-2022-38111 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
| CVE-2022-38112 (2 of 8) | Attack Vector (AV) Adjacent Network | ≠ | Attack Vector (AV) Network | Applied AV:N due to lack of available Information for NVD Analyst |
| Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
| Privileges Required (PR) High | ≠ | Privileges Required (PR) None | No privileges needed by attacker identified by NVD analyst | |
| User Interaction (UI) Required | ≠ | User Interaction (UI) None | User Interaction not identified | |
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | ≠ | Integrity (I) None | No integrity impacts identified | |
| Availability (A) High | ≠ | Availability (A) None | No availability impacts identified | |
|
CVE-2022-38113
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2022-38114
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Changed | Scope (S) Changed | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2022-38115
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2022-47503
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2022-47504
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
| CVE-2022-47505 (8 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2022-47506
(8 of 8)
|
Attack Vector (AV) Local | Attack Vector (AV) Local | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2022-47507
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
| CVE-2022-47508 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2022-47509
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Changed | Scope (S) Changed | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2022-47512
(8 of 8)
|
Attack Vector (AV) Local | Attack Vector (AV) Local | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
| CVE-2023-3622 (4 of 8) | Attack Vector (AV) Adjacent Network | ≠ | Attack Vector (AV) Network | Applied AV:N due to lack of available Information for NVD Analyst |
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) None | ≠ | Confidentiality (C) Low | No limiting factors for confidentiality listed | |
| Integrity (I) Low | ≠ | Integrity (I) None | No integrity impacts identified | |
| Availability (A) Low | ≠ | Availability (A) None | No availability impacts identified | |
|
CVE-2023-23836
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2023-23837
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2023-23838
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2023-23839
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2023-23841
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
| CVE-2023-23842 (7 of 8) | Attack Vector (AV) Adjacent Network | ≠ | Attack Vector (AV) Network | Applied AV:N due to lack of available Information for NVD Analyst |
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2023-23843
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2023-23844
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
|
CVE-2023-33224
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
| CVE-2023-33225 (7 of 8) | Attack Vector (AV) Adjacent Network | ≠ | Attack Vector (AV) Network | Applied AV:N due to lack of available Information for NVD Analyst |
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) High | Privileges Required (PR) High | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | Integrity (I) High | |||
| Availability (A) High | Availability (A) High | |||
| CVE-2023-33229 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
| Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Attacker as "user" is mentioned, but not identified as high privileges | |
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) None | Confidentiality (C) None | |||
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None | |||
|
CVE-2023-33231
(8 of 8)
|
Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) Required | User Interaction (UI) Required | |||
| Scope (S) Changed | Scope (S) Changed | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None |