solarwinds
324 tracked vulnerabilities.
CVE-2021-35240
MEDIUM
SolarWinds Orion Platform < 2020.2.5 - Stored Cross-Site Scripting via Help Server Setting
Aug 31, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-35239
HIGH
SolarWinds Orion Platform < 2020.2.5 - Stored Cross-Site Scripting via Map Text Box Hyperlink
Aug 31, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-35223
HIGH
Serv-U < 15.2.4 - Remote Code Execution via Event Command Parameters
Aug 31, 2021
CVSS 8.5
EPSS 0.03
CVE-2021-35213
HIGH
Orion Platform <2020.2.5 - Privilege Escalation
Aug 31, 2021
CVSS 8.9
EPSS 0.03
CVE-2021-35222
HIGH
SolarWinds Orion Platform < 2020.2.6 - Remote Code Execution via Alerts Settings Page
Aug 31, 2021
CVSS 8.0
EPSS 0.03
CVE-2021-35221
MEDIUM
SolarWinds Orion Platform ImportAlert - Access Control Remote Code Execution
Aug 31, 2021
CVSS 6.3
EPSS 0.02
CVE-2021-35220
HIGH
SolarWinds Orion Platform < 2020.2.6 - Remote Code Execution via EmailWebPage API
Aug 31, 2021
CVSS 8.1
EPSS 0.02
CVE-2021-35219
MEDIUM
ExportToPdfCmd <ImportAlert - Info Disclosure
Aug 31, 2021
CVSS 6.0
EPSS 0.01
CVE-2021-32076
MEDIUM
SolarWinds Web Help Desk < 12.7.2 - Authentication Bypass via Referrer Spoofing
Aug 26, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-28674
MEDIUM
SolarWinds Orion Platform < 2020.2.5 - Authenticated Node Creation and Deletion via Predictable Node IDs
Jul 30, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-35211
CRITICAL
KEVNUCLEI
SolarWinds Serv-U <15.2.3 HF2 - RCE
Jul 14, 2021
CVSS 9.0
EPSS 0.91
CVE-2021-31217
CRITICAL
SolarWinds DameWare Mini Remote Control Server 12.0.1.200 - Unauthenticated File Deletion via Insecure Permissions
Jul 13, 2021
CVSS 9.1
EPSS 0.04
CVE-2021-31475
HIGH
SolarWinds Orion Job Scheduler 2020.2.1 HF 2 - Authenticated Remote Code Execution via JobRouterService WCF Service
May 21, 2021
CVSS 8.8
EPSS 0.06
CVE-2021-31474
CRITICAL
SolarWinds Network Performance Monitor 2020.2.1-2020.2.5 - Remote Code Execution via Untrusted Data Deserialization
May 21, 2021
CVSS 9.8
EPSS 0.94
CVE-2021-32604
MEDIUM
SolarWinds Serv-U < 15.2.3 - Cross-Site Scripting via Share URL SenderEmail Parameter
May 11, 2021
CVSS 5.4
EPSS 0.02
CVE-2021-25179
MEDIUM
SolarWinds Serv-U < 15.2 - Cross-Site Scripting via HTTP Host Header
May 05, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-3154
HIGH
SolarWinds Serv-U < 15.2.2 - Unauthenticated Cleartext Password Exposure via Macro Injection
May 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-27277
HIGH
SolarWinds Orion Platform - Privilege Escalation via OneTimeJobSchedulerEventsService WCF Deserialization
Apr 22, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-27258
CRITICAL
SolarWinds Orion Platform 2020.2 - Privilege Escalation
Apr 14, 2021
CVSS 9.8
EPSS 0.04
CVE-2021-27240
HIGH
SolarWinds Patch Manager 2020.2.1 - Privilege Escalation
Mar 29, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-3109
MEDIUM
SolarWinds Orion Platform < 2020.2.5 - Reverse Tabnabbing via Custom Menu Item Options Page
Mar 26, 2021
CVSS 4.8
EPSS 0.01
CVE-2021-25276
HIGH
SolarWinds Serv-U <15.2.2 - Privilege Escalation
Feb 03, 2021
CVSS 7.1
EPSS 0.00
CVE-2021-25275
HIGH
SolarWinds Orion Platform <2020.2.4 - Info Disclosure
Feb 03, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-25274
CRITICAL
SolarWinds Orion Platform <2020.2.4 - RCE
Feb 03, 2021
CVSS 9.8
EPSS 0.36
CVE-2020-22428
MEDIUM
SolarWinds Serv-U < 15.1.6 Hotfix 3 - Stored Cross-Site Scripting via Directory Name
May 05, 2021
CVSS 4.8
EPSS 0.01
Products
orion_platform 49
serv-u 40
access_rights_manager 32
solarwinds_platform 27
web_help_desk 21
serv-u_file_server 20
serv-u_ftp_server 11
database_performance_analyzer 10
n-central 9
orion_network_performance_monitor 9
network_performance_monitor 8
observability_self-hosted 8
dameware_mini_remote_control 7
network_configuration_manager 7
tftp_server 6
webhelpdesk 6
kiwi_syslog_server 5
log_and_event_manager 5
orion_web_performance_monitor 4
security_event_manager 4
log_\&_event_manager 3
patch_manager 3
server_and_application_monitor 3
storage_manager 3
virtualization_manager 3
SolarWinds Observability Self-Hosted 2
ftp_voyager 2
kiwi_cattools 2
netpath 2
serv-u_mft_server 2
Quick Filters