solarwinds

324 tracked vulnerabilities.

CVE-2023-23840 MEDIUM
SolarWinds Platform - Privilege Escalation
Sep 13, 2023
CVSS 6.8
EPSS 0.05
CVE-2023-40060 HIGH
SolarWinds Serv-U 15.4-15.4 Hotfix 1 - Authenticated Multi-Factor Authentication Bypass
Sep 07, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-35179 HIGH
SolarWinds Serv-U 15.4 - Authenticated Multi-Factor Authentication Bypass
Aug 11, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-3622 MEDIUM
SolarWinds Platform < 2023.2.1 - Access Control Bypass
Jul 26, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-33229 LOW
SolarWinds Platform < 2023.3.0 - Authenticated HTML Injection via URL Parameter
Jul 26, 2023
CVSS 3.5
EPSS 0.01
CVE-2023-23842 HIGH
SolarWinds Network Configuration Manager - Path Traversal
Jul 26, 2023
CVSS 7.2
EPSS 0.03
CVE-2023-33225 HIGH
SolarWinds Platform - Privilege Escalation
Jul 26, 2023
CVSS 7.2
EPSS 0.03
CVE-2023-33224 HIGH
SolarWinds Platform - Privilege Escalation
Jul 26, 2023
CVSS 7.2
EPSS 0.03
CVE-2023-23844 HIGH
SolarWinds Platform - Privilege Escalation
Jul 26, 2023
CVSS 7.2
EPSS 0.03
CVE-2023-23843 HIGH
SolarWinds Platform - Privilege Escalation
Jul 26, 2023
CVSS 7.2
EPSS 0.03
CVE-2023-33231 MEDIUM
SolarWinds Database Performance Analyzer < 2023.2.100 - Cross-Site Scripting
Jul 18, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-23841 HIGH
SolarWinds Serv-U - Info Disclosure
Jun 15, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-23839 MEDIUM
SolarWinds Platform - Info Disclosure
Apr 25, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23838 MEDIUM
Directory Traversal/File Enumeration - Path Traversal
Apr 25, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23837 HIGH
No Exception Handling - Info Disclosure
Apr 25, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-23836 HIGH
SolarWinds Platform <2022.4.1 - Deserialization
Feb 15, 2023
CVSS 7.2
EPSS 0.80
CVE-2022-47509 MEDIUM
SolarWinds Orion Platform < 2023.2 - Authenticated Cross-Site Scripting via URL Parameter Injection
Apr 21, 2023
CVSS 6.1
EPSS 0.01
CVE-2022-47505 HIGH
SolarWinds Orion Platform < 2023.2 - Local Privilege Escalation
Apr 21, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-36963 HIGH
SolarWinds Orion Platform < 2023.2 - Authenticated Remote Code Execution
Apr 21, 2023
CVSS 7.2
EPSS 0.08
CVE-2022-47508 HIGH
SolarWinds Server & Application Monitor - Unauthenticated NTLM Traffic Exposure via IP Address Polling
Feb 15, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-47507 HIGH
SolarWinds Orion Platform - Remote Code Execution via Deserialization of Untrusted Data
Feb 15, 2023
CVSS 7.2
EPSS 0.07
CVE-2022-47506 HIGH
SolarWinds Orion Platform - Authenticated Path Traversal and Arbitrary Command Execution via Default Configuration Edit
Feb 15, 2023
CVSS 7.8
EPSS 0.01
CVE-2022-47504 HIGH
SolarWinds Orion Platform - Authenticated Remote Code Execution via Untrusted Data Deserialization
Feb 15, 2023
CVSS 7.2
EPSS 0.25
CVE-2022-47503 HIGH
SolarWinds Orion Platform - Remote Code Execution via Untrusted Data Deserialization
Feb 15, 2023
CVSS 7.2
EPSS 0.24
CVE-2022-38111 HIGH
SolarWinds Platform - Code Injection
Feb 15, 2023
CVSS 7.2
EPSS 0.85