Solarwinds

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-40062 1Solarwinds 1Solarwinds Platform Nov 21, 2024 Nov 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability would allow a low-privileged user to execute commands with SYSTEM privileges.
CVE-2023-40061 1Solarwinds 1Solarwinds Platform Feb 26, 2025 Nov 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as a result.
CVE-2023-33228 1Solarwinds 1Network Configuration Manager Nov 21, 2024 Nov 1, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitiv...Show more The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information.Show less
CVE-2023-33227 1Solarwinds 1Network Configuration Manager Nov 21, 2024 Nov 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges.
CVE-2023-33226 1Solarwinds 1Network Configuration Manager Nov 21, 2024 Nov 1, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges.
CVE-2023-35187 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
CVE-2023-35186 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution.
CVE-2023-35185 1Solarwinds 1Access Rights Manager Feb 26, 2025 Oct 19, 2023 N/A· v4 6.8 MEDIUM· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges.
CVE-2023-35184 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution.
CVE-2023-35183 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation.
CVE-2023-35182 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server.
CVE-2023-35181 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation.
CVE-2023-35180 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API.
CVE-2023-23845 1Solarwinds 1Orion Platform Nov 21, 2024 Sep 13, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE p...Show more The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.Show less
CVE-2023-23840 1Solarwinds 1Orion Platform Nov 21, 2024 Sep 13, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE p...Show more The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.Show less
CVE-2023-40060 1Solarwinds 1Serv U Nov 21, 2024 Sep 7, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to p...Show more A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely fixed in 15.4 Hotfix 1. Show less
CVE-2023-35179 1Solarwinds 1Serv U Nov 21, 2024 Aug 11, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this actio...Show more A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. Show less
CVE-2023-3622 1Solarwinds 1Solarwinds Platform Nov 21, 2024 Jul 26, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Access Control Bypass Vulnerability in the SolarWinds Platform that allows an underprivileged user to read arbitrary resource
CVE-2023-33229 1Solarwinds 1Solarwinds Platform Nov 21, 2024 Jul 26, 2023 N/A· v4 3.5 LOW· v3 N/A· v2 The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passiv...Show more The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passive HTML. Show less
CVE-2023-23842 1Solarwinds 1Network Configuration Monitor Nov 21, 2024 Jul 26, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 The SolarWinds Network Configuration Manager was susceptible to the Directory Traversal Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands.

Previous 1...456...16 Next