Filtered by vendor Solarwinds
Subscribe
Total
310 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23475 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 9.6 CRITICAL |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. | |||||
| CVE-2024-23474 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 7.6 HIGH |
| The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability. | |||||
| CVE-2024-23472 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 9.6 CRITICAL |
| SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM. | |||||
| CVE-2024-23471 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 9.6 CRITICAL |
| The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. | |||||
| CVE-2024-23470 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 9.6 CRITICAL |
| The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables. | |||||
| CVE-2024-23469 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 9.6 CRITICAL |
| SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges. | |||||
| CVE-2024-23468 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 7.6 HIGH |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. | |||||
| CVE-2024-23467 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 9.6 CRITICAL |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote code execution. | |||||
| CVE-2024-23466 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 9.6 CRITICAL |
| SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges. | |||||
| CVE-2024-23465 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 8.3 HIGH |
| The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. This vulnerability allows an unauthenticated user to gain domain admin access within the Active Directory environment. | |||||
| CVE-2024-0692 | 1 Solarwinds | 1 Security Event Manager | 2025-02-26 | N/A | 8.8 HIGH |
| The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution. | |||||
| CVE-2023-50395 | 1 Solarwinds | 1 Solarwinds Platform | 2025-02-26 | N/A | 8.0 HIGH |
| SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited | |||||
| CVE-2023-40061 | 1 Solarwinds | 1 Solarwinds Platform | 2025-02-26 | N/A | 8.8 HIGH |
| Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as a result. | |||||
| CVE-2023-35188 | 1 Solarwinds | 1 Solarwinds Platform | 2025-02-26 | N/A | 8.0 HIGH |
| SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited. | |||||
| CVE-2023-35185 | 1 Solarwinds | 1 Access Rights Manager | 2025-02-26 | N/A | 6.8 MEDIUM |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. | |||||
| CVE-2024-28989 | 1 Solarwinds | 1 Web Help Desk | 2025-02-25 | N/A | 5.5 MEDIUM |
| SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the disclosure of sensitive information from the software. | |||||
| CVE-2024-52606 | 1 Solarwinds | 1 Solarwinds Platform | 2025-02-25 | N/A | 3.5 LOW |
| SolarWinds Platform is affected by server-side request forgery vulnerability. Proper input sanitation was not applied allowing for the possibility of a malicious web request. | |||||
| CVE-2024-52611 | 1 Solarwinds | 1 Solarwinds Platform | 2025-02-25 | N/A | 3.5 LOW |
| The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. While the data does not provide anything sensitive, the information could assist an attacker in other malicious actions. | |||||
| CVE-2024-52612 | 1 Solarwinds | 1 Solarwinds Platform | 2025-02-25 | N/A | 6.8 MEDIUM |
| SolarWinds Platform is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. This vulnerability requires authentication by a high- privileged account to be exploitable. | |||||
| CVE-2024-45709 | 1 Solarwinds | 1 Web Help Desk | 2025-02-25 | N/A | 5.3 MEDIUM |
| SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited. | |||||