Filtered by vendor Solarwinds
Subscribe
Total
295 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40054 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | N/A | 8.0 HIGH |
| The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226 | |||||
| CVE-2023-40053 | 1 Solarwinds | 1 Serv-u | 2024-11-21 | N/A | 5.0 MEDIUM |
| A vulnerability has been identified within Serv-U 15.4 that allows an authenticated actor to insert content on the file share function feature of Serv-U, which could be used maliciously. | |||||
| CVE-2023-3622 | 1 Solarwinds | 1 Solarwinds Platform | 2024-11-21 | N/A | 4.3 MEDIUM |
| Access Control Bypass Vulnerability in the SolarWinds Platform that allows an underprivileged user to read arbitrary resource | |||||
| CVE-2023-35188 | 1 Solarwinds | 1 Solarwinds Platform | 2024-11-21 | N/A | 8.0 HIGH |
| SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited. | |||||
| CVE-2023-35187 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 8.8 HIGH |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution. | |||||
| CVE-2023-35186 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 8.0 HIGH |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution. | |||||
| CVE-2023-35185 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 6.8 MEDIUM |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. | |||||
| CVE-2023-35184 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 8.8 HIGH |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution. | |||||
| CVE-2023-35183 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 7.8 HIGH |
| The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation. | |||||
| CVE-2023-35182 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 8.8 HIGH |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server. | |||||
| CVE-2023-35181 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 7.8 HIGH |
| The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation. | |||||
| CVE-2023-35180 | 1 Solarwinds | 1 Access Rights Manager | 2024-11-21 | N/A | 8.0 HIGH |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API. | |||||
| CVE-2023-35179 | 1 Solarwinds | 1 Serv-u | 2024-11-21 | N/A | 7.2 HIGH |
| A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. | |||||
| CVE-2023-33231 | 1 Solarwinds | 1 Database Performance Analyzer | 2024-11-21 | N/A | 6.1 MEDIUM |
| XSS attack was possible in DPA 2023.2 due to insufficient input validation | |||||
| CVE-2023-33228 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | N/A | 4.5 MEDIUM |
| The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information. | |||||
| CVE-2023-33227 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | N/A | 8.0 HIGH |
| The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges. | |||||
| CVE-2023-33226 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | N/A | 8.0 HIGH |
| The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. | |||||
| CVE-2023-33225 | 1 Solarwinds | 1 Solarwinds Platform | 2024-11-21 | N/A | 7.2 HIGH |
| The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges. | |||||
| CVE-2023-33224 | 1 Solarwinds | 1 Solarwinds Platform | 2024-11-21 | N/A | 7.2 HIGH |
| The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges. | |||||
| CVE-2023-23845 | 1 Solarwinds | 1 Orion Platform | 2024-11-21 | N/A | 6.8 MEDIUM |
| The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges. | |||||