solarwinds

320 tracked vulnerabilities.

CVE-2020-35482 MEDIUM
SolarWinds Serv-U < 15.2.2 - Authenticated Reflected Cross-Site Scripting
Feb 03, 2021
CVSS 5.4
EPSS 0.04
CVE-2020-35481 CRITICAL
SolarWinds Serv-U <15.2.2 - Command Injection
Feb 03, 2021
CVSS 9.8
EPSS 0.04
CVE-2020-28001 MEDIUM
SolarWinds Serv-U < 15.2.2 - Authenticated Stored Cross-Site Scripting
Feb 03, 2021
CVSS 5.4
EPSS 0.02
CVE-2020-27994 MEDIUM
SolarWinds Serv-U < 15.2.2 - Authenticated Path Traversal
Feb 03, 2021
CVSS 6.5
EPSS 0.02
CVE-2020-10148 CRITICAL KEVNUCLEI
SolarWinds Orion Platform 2019.4 HF 5, 2020.2, 2020.2 HF 1 - Unauthenticated API Authentication Bypass
Dec 29, 2020
CVSS 9.8
EPSS 0.94
CVE-2020-25622 HIGH
SolarWinds N-Central 12.3.0.670 - Cross-Site Request Forgery via AdvancedScripts Endpoint
Dec 16, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-25621 HIGH
SolarWinds N-Central 12.3.0.670 - Unauthenticated Database Access
Dec 16, 2020
CVSS 8.4
EPSS 0.00
CVE-2020-25620 HIGH
SolarWinds N-Central 12.3.0.670 - Use of Hard-coded Credentials
Dec 16, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-25619 MEDIUM
SolarWinds N-Central <12.3.0.670 - SSRF
Dec 16, 2020
CVSS 4.4
EPSS 0.01
CVE-2020-25618 HIGH
SolarWinds N-Central 12.3.0.670 - OS Command Injection via Sudo Misconfiguration
Dec 16, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-25617 HIGH
SolarWinds N-Central 12.3.0.670 - Authenticated Path Traversal and OS Command Execution via AdvancedScripts Endpoint
Dec 16, 2020
CVSS 8.8
EPSS 0.11
CVE-2020-15910 MEDIUM
SolarWinds N-Central < 12.3 - Session Cookie Exposure via Missing HTTPOnly Attribute
Oct 19, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-15909 HIGH
SolarWinds N-central <2020.1 - Session Hijacking
Oct 19, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-13169 CRITICAL
SolarWinds Orion Platform < 2020.2.1 - Stored Cross-Site Scripting
Sep 17, 2020
CVSS 9.0
EPSS 0.02
CVE-2020-15576 HIGH
SolarWinds Serv-U < 15.2.1 - Information Disclosure via HTTP Response
Jul 07, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-15575 MEDIUM
SolarWinds Serv-U < 15.2.1 - Cross-Site Scripting
Jul 07, 2020
CVSS 6.1
EPSS 0.03
CVE-2020-15574 HIGH
SolarWinds Serv-U File Server <15.2.1 - CSRF
Jul 07, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-15573 MEDIUM
SolarWinds Serv-U < 15.2.1 - Cross-Site Scripting
Jul 07, 2020
CVSS 6.1
EPSS 0.03
CVE-2020-15543 CRITICAL
SolarWinds Serv-U FTP Server < 15.2.1 - Path Traversal via Unvalidated Argument
Jul 05, 2020
CVSS 9.8
EPSS 0.04
CVE-2020-15542 CRITICAL
SolarWinds Serv-U FTP <15.2.1 - Privilege Escalation
Jul 05, 2020
CVSS 9.8
EPSS 0.04
CVE-2020-15541 CRITICAL
SolarWinds Serv-U FTP <15.2.1 - Command Injection
Jul 05, 2020
CVSS 9.8
EPSS 0.21
CVE-2020-14007 MEDIUM
SolarWinds Orion NPM & WPM Stored XSS via Alert Definition Name
Jun 24, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-14006 MEDIUM
SolarWinds Orion Network Performance Monitor - Stored Cross-Site Scripting via Responsible Team Field
Jun 24, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-14005 HIGH
SolarWinds Orion Network Performance Monitor - Remote Code Execution via Event Definition
Jun 24, 2020
CVSS 8.8
EPSS 0.10
CVE-2020-13912 HIGH
SolarWinds Advanced Monitoring Agent < 10.8.9 - Privilege Escalation via Trojan Horse .exe File
Jun 07, 2020
CVSS 7.3
EPSS 0.01
Products
orion_platform 49 serv-u 39 access_rights_manager 32 solarwinds_platform 27 serv-u_file_server 20 web_help_desk 20 serv-u_ftp_server 11 database_performance_analyzer 10 n-central 9 orion_network_performance_monitor 9 network_performance_monitor 8 observability_self-hosted 8 dameware_mini_remote_control 7 network_configuration_manager 7 tftp_server 6 webhelpdesk 6 kiwi_syslog_server 5 log_and_event_manager 5 orion_web_performance_monitor 4 security_event_manager 4 log_\&_event_manager 3 patch_manager 3 server_and_application_monitor 3 storage_manager 3 virtualization_manager 3 SolarWinds Observability Self-Hosted 2 ftp_voyager 2 kiwi_cattools 2 netpath 2 serv-u_mft_server 2
Quick Filters
Critical CVEs With Exploits In CISA KEV