Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Solarwinds_platform
(Solarwinds)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 17 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-09-30 | CVE-2022-36965 | Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0). | Solarwinds_platform | 6.1 | ||
2022-12-19 | CVE-2022-47512 | Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected | Solarwinds_platform | 5.5 | ||
2024-06-04 | CVE-2024-28996 | The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability. | Solarwinds_platform | 8.1 | ||
2024-06-04 | CVE-2024-28999 | The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. | Solarwinds_platform | 8.1 | ||
2024-06-04 | CVE-2024-29004 | The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability. | Solarwinds_platform | 4.8 | ||
2024-02-06 | CVE-2023-35188 | SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited. | Solarwinds_platform | 8.8 | ||
2024-02-06 | CVE-2023-50395 | SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited | Solarwinds_platform | 8.8 | ||
2023-07-26 | CVE-2023-33225 | The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges. | Solarwinds_platform | 7.2 | ||
2023-07-26 | CVE-2023-3622 | Access Control Bypass Vulnerability in the SolarWinds Platform that allows an underprivileged user to read arbitrary resource | Solarwinds_platform | 4.3 | ||
2023-11-01 | CVE-2023-40061 | Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as a result. | Solarwinds_platform | 8.8 |