Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): SolarWinds
- Search Type: Search All
- CPE Name Search: false
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-29003 |
The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction. Published: April 18, 2024; 6:15:08 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2024-29001 |
A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This vulnerability requires authentication and user interaction to be exploited. Published: April 18, 2024; 5:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28076 |
The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potential attacker can redirect to different domain when using URL parameter with relative entry in the correct format Published: April 18, 2024; 5:15:11 AM -0400 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2024-28073 |
SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited. Published: April 17, 2024; 1:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0692 |
The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution. Published: March 01, 2024; 4:15:09 AM -0500 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2024-23479 |
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. Published: February 15, 2024; 4:15:10 PM -0500 |
V3.1: 9.6 CRITICAL V2.0:(not available) |
CVE-2024-23478 |
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution. Published: February 15, 2024; 4:15:09 PM -0500 |
V3.1: 8.0 HIGH V2.0:(not available) |
CVE-2024-23477 |
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. Published: February 15, 2024; 4:15:09 PM -0500 |
V3.1: 9.6 CRITICAL V2.0:(not available) |
CVE-2024-23476 |
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution. Published: February 15, 2024; 4:15:09 PM -0500 |
V3.1: 9.6 CRITICAL V2.0:(not available) |
CVE-2023-40057 |
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. Published: February 15, 2024; 4:15:08 PM -0500 |
V3.1: 9.0 CRITICAL V2.0:(not available) |
CVE-2023-50395 |
SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited Published: February 06, 2024; 11:15:51 AM -0500 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-35188 |
SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited. Published: February 06, 2024; 11:15:51 AM -0500 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-40056 |
SQL Injection Remote Code Vulnerability was found in the SolarWinds Platform. This vulnerability can be exploited with a low privileged account. Published: November 28, 2023; 1:15:07 PM -0500 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-40062 |
SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability would allow a low-privileged user to execute commands with SYSTEM privileges. Published: November 01, 2023; 12:15:08 PM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-33228 |
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information. Published: November 01, 2023; 12:15:08 PM -0400 |
V3.1: 4.9 MEDIUM V2.0:(not available) |
CVE-2023-35187 |
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-35186 |
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-35185 |
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 6.8 MEDIUM V2.0:(not available) |
CVE-2023-35184 |
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-35183 |
The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |