solarwinds

324 tracked vulnerabilities.

CVE-2021-35251 MEDIUM
SolarWinds Web Help Desk < 12.7.8 - Sensitive Information Disclosure via Detailed Error Messages
Mar 10, 2022
CVSS 5.3
EPSS 0.01
CVE-2021-35247 MEDIUM KEV
SolarWinds Serv-U - Info Disclosure
Jan 10, 2022
CVSS 4.3
EPSS 0.03
CVE-2021-35232 MEDIUM
SolarWinds Web Help Desk - Info Disclosure
Dec 27, 2021
CVSS 6.8
EPSS 0.00
CVE-2021-35243 MEDIUM
Web Help Desk <12.7.7 - Info Disclosure
Dec 23, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-35248 MEDIUM
SolarWinds Orion Platform < 2020.2.6 - Unauthenticated User Enumeration via Orion.UserSettings Entity
Dec 20, 2021
CVSS 6.8
EPSS 0.01
CVE-2021-35244 MEDIUM
SolarWinds Orion Platform - Authenticated Remote Code Execution via Log Alert File Action
Dec 20, 2021
CVSS 6.8
EPSS 0.06
CVE-2021-35234 HIGH
SolarWinds Orion Platform < 2020.2.5 - Authenticated SQL Injection
Dec 20, 2021
CVSS 8.0
EPSS 0.03
CVE-2021-35245 HIGH
Serv-U Console - Privilege Escalation
Dec 06, 2021
CVSS 8.4
EPSS 0.01
CVE-2021-35242 HIGH
SolarWinds Serv-U < 15.2.5 - Cross-Site Request Forgery via Session Token
Dec 06, 2021
CVSS 8.3
EPSS 0.01
CVE-2021-35237 MEDIUM
Kiwi Syslog Server < 9.7.2 - Clickjacking via Missing X-Frame-Options Header
Oct 29, 2021
CVSS 5.0
EPSS 0.01
CVE-2021-35236 LOW
Kiwi Syslog Server <9.7.2 - Info Disclosure
Oct 27, 2021
CVSS 3.1
EPSS 0.01
CVE-2021-35235 MEDIUM
Kiwi Syslog Server <9.7.2 - Info Disclosure
Oct 27, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-35233 MEDIUM
Kiwi Syslog Server <9.7.1 - Info Disclosure
Oct 27, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-35231 MEDIUM
Kiwi Syslog Server - Privilege Escalation
Oct 25, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-35230 MEDIUM
Kiwi CatTools - Privilege Escalation
Oct 22, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-35228 MEDIUM
Solarwinds Database Performance Analyzer - Reflective Cross-Site Scripting
Oct 21, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-35227 MEDIUM
RabbitMQ Plugin <2020.2.6 - Info Disclosure
Oct 21, 2021
CVSS 4.7
EPSS 0.00
CVE-2021-35225 MEDIUM
SolarWinds Network Performance Monitor - Authenticated Information Disclosure via NetPath Services
Oct 21, 2021
CVSS 5.0
EPSS 0.01
CVE-2021-35214 MEDIUM
SolarWinds Pingdom - Info Disclosure
Oct 12, 2021
CVSS 4.8
EPSS 0.02
CVE-2021-35217 HIGH
Patch Manager Orion Platform - Code Injection
Sep 08, 2021
CVSS 8.9
EPSS 0.74
CVE-2021-35218 HIGH
SolarWinds Orion Platform < 2020.2.6 - Unauthenticated Remote Code Execution via Web Console Chart Endpoint
Sep 01, 2021
CVSS 8.9
EPSS 0.76
CVE-2021-35216 HIGH
SolarWinds Patch Manager < 2020.2.6 - Authenticated Remote Code Execution via Insecure Deserialization
Sep 01, 2021
CVSS 8.9
EPSS 0.81
CVE-2021-35215 HIGH
SolarWinds Orion Platform < 2020.2.5 - Authenticated Remote Code Execution via Insecure Deserialization
Sep 01, 2021
CVSS 8.9
EPSS 0.70
CVE-2021-35238 MEDIUM
SolarWinds Orion Platform < 2020.2.5 - Authenticated Stored Cross-Site Scripting via CreateExternalWebsite URL Parameter
Sep 01, 2021
CVSS 4.8
EPSS 0.01
CVE-2021-35212 HIGH
Orion Platform - Privilege Escalation
Aug 31, 2021
CVSS 8.9
EPSS 0.02