Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Solarwinds_platform
(Solarwinds)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-07-26 | CVE-2023-3622 | Access Control Bypass Vulnerability in the SolarWinds Platform that allows an underprivileged user to read arbitrary resource | Solarwinds_platform | 4.3 | ||
| 2023-11-01 | CVE-2023-40061 | Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as a result. | Solarwinds_platform | 8.8 | ||
| 2023-11-28 | CVE-2023-40056 | SQL Injection Remote Code Vulnerability was found in the SolarWinds Platform. This vulnerability can be exploited with a low privileged account. | Solarwinds_platform | 8.8 | ||
| 2023-11-01 | CVE-2023-40062 | SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability would allow a low-privileged user to execute commands with SYSTEM privileges. | Solarwinds_platform | 8.8 | ||
| 2023-07-26 | CVE-2023-33229 | The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject passive HTML. | Solarwinds_platform | 3.5 | ||
| 2023-04-25 | CVE-2023-23839 | The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information. | Solarwinds_platform | 6.5 | ||
| 2023-07-26 | CVE-2023-23843 | The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands. | Solarwinds_platform | 7.2 | ||
| 2023-07-26 | CVE-2023-23844 | The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges. | Solarwinds_platform | 7.2 | ||
| 2023-07-26 | CVE-2023-33224 | The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges. | Solarwinds_platform | 7.2 |