Filtered by vendor Solarwinds
Subscribe
Search
Total
193 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-35235 | 1 Solarwinds | 1 Kiwi Syslog Server | 2021-10-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. Debug mode causes ASP.NET to compile applications with extra information. The information enables a debugger to closely monitor and control the execution of an application. If an attacker could successfully start a remote debugging session, this is likely to disclose sensitive information about the web application and supporting infrastructure that may be valuable in targeting SWI with malicious intent. | |||||
| CVE-2021-35233 | 1 Solarwinds | 1 Kiwi Syslog Server | 2021-10-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| The HTTP TRACK & TRACE methods were enabled in Kiwi Syslog Server 9.7.1 and earlier. These methods are intended for diagnostic purposes only. If enabled, the web server will respond to requests that use these methods by returning exact HTTP request that was received in the response to the client. This may lead to the disclosure of sensitive information such as internal authentication headers appended by reverse proxies. | |||||
| CVE-2021-35230 | 1 Solarwinds | 1 Kiwi Cattools | 2021-10-28 | 7.2 HIGH | 6.7 MEDIUM |
| As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. | |||||
| CVE-2021-35228 | 1 Solarwinds | 1 Database Performance Analyzer | 2021-10-26 | 2.6 LOW | 4.7 MEDIUM |
| This vulnerability occurred due to missing input sanitization for one of the output fields that is extracted from headers on specific section of page causing a reflective cross site scripting attack. An attacker would need to perform a Man in the Middle attack in order to change header for a remote victim. | |||||
| CVE-2021-35214 | 1 Solarwinds | 1 Pingdom | 2021-10-18 | 1.9 LOW | 4.7 MEDIUM |
| The vulnerability in SolarWinds Pingdom can be described as a failure to invalidate user session upon password or email address change. When running multiple active sessions in separate browser windows, it was observed a password or email address change could be changed without terminating the user session. This issue has been resolved on September 13, 2021. | |||||
| CVE-2021-32076 | 1 Solarwinds | 1 Web Help Desk | 2021-09-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. An attacker can access the 'Web Help Desk Getting Started Wizard', especially the admin account creation page, from a non-privileged IP address network range or loopback address by intercepting the HTTP request and changing the referrer from the public IP address to the loopback. | |||||
| CVE-2021-35223 | 1 Solarwinds | 1 Serv-u | 2021-09-16 | 6.5 MEDIUM | 8.8 HIGH |
| The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution. | |||||
| CVE-2021-35238 | 1 Solarwinds | 1 Orion Platform | 2021-09-09 | 3.5 LOW | 4.8 MEDIUM |
| User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website. | |||||
| CVE-2021-35240 | 2 Microsoft, Solarwinds | 2 Internet Explorer, Orion Platform | 2021-09-09 | 3.5 LOW | 4.8 MEDIUM |
| A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do not support 'rel=noopener'. | |||||
| CVE-2021-35222 | 2 Microsoft, Solarwinds | 2 Windows, Orion Platform | 2021-09-09 | 4.3 MEDIUM | 9.6 CRITICAL |
| This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page. | |||||
| CVE-2021-35221 | 2 Microsoft, Solarwinds | 2 Windows, Orion Platform | 2021-09-09 | 5.5 MEDIUM | 8.1 HIGH |
| Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page. | |||||
| CVE-2021-35220 | 1 Solarwinds | 1 Orion Platform | 2021-09-08 | 6.5 MEDIUM | 7.2 HIGH |
| Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page. | |||||
| CVE-2021-35239 | 1 Solarwinds | 1 Orion Platform | 2021-09-08 | 3.5 LOW | 5.4 MEDIUM |
| A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink. | |||||
| CVE-2020-13912 | 1 Solarwinds | 1 Advanced Monitoring Agent | 2021-07-21 | 6.0 MEDIUM | 7.3 HIGH |
| SolarWinds Advanced Monitoring Agent before 10.8.9 allows local users to gain privileges via a Trojan horse .exe file, because everyone can write to a certain .exe file. | |||||
| CVE-2019-3957 | 1 Solarwinds | 1 Dameware Mini Remote Control | 2021-07-21 | 5.8 MEDIUM | 7.4 HIGH |
| Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which could crash the application or leak sensitive information. | |||||
| CVE-2019-12864 | 1 Solarwinds | 3 Netpath, Network Performance Monitor, Orion Platform | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter. | |||||
| CVE-2020-15541 | 1 Solarwinds | 1 Serv-u Ftp Server | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution. | |||||
| CVE-2020-15576 | 1 Solarwinds | 1 Serv-u | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| SolarWinds Serv-U File Server before 15.2.1 allows information disclosure via an HTTP response. | |||||
| CVE-2020-25621 | 1 Solarwinds | 1 N-central | 2021-07-21 | 2.1 LOW | 8.4 HIGH |
| An issue was discovered in SolarWinds N-Central 12.3.0.670. The local database does not require authentication: security is only based on ability to access a network interface. The database has keys and passwords. | |||||
| CVE-2019-16959 | 1 Solarwinds | 1 Webhelpdesk | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket. | |||||
| CVE-2019-16954 | 1 Solarwinds | 1 Web Help Desk | 2021-07-21 | 4.9 MEDIUM | 5.4 MEDIUM |
| SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket. | |||||
| CVE-2019-9017 | 1 Solarwinds | 1 Damewire Mini Remote Control | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name. | |||||
| CVE-2019-20002 | 1 Solarwinds | 1 Webhelpdesk | 2021-07-21 | 6.0 MEDIUM | 7.8 HIGH |
| Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value (provided by a low-privileged user in the Subject field of a help request form) that is mishandled in a TicketActions/view?tab=group TSV export by an admin user. | |||||
| CVE-2019-3980 | 1 Solarwinds | 1 Dameware Mini Remote Control | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run under the Local System account. | |||||
| CVE-2020-15574 | 1 Solarwinds | 1 Serv-u | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893. | |||||
| CVE-2021-27277 | 1 Solarwinds | 1 Orion Platform | 2021-07-20 | 7.2 HIGH | 7.8 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the OneTimeJobSchedulerEventsService WCF service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11955. | |||||
| CVE-2021-31474 | 1 Solarwinds | 1 Network Performance Monitor | 2021-06-07 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor 2020.2.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SolarWinds.Serialization library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-12213. | |||||
| CVE-2021-31475 | 1 Solarwinds | 1 Orion Job Scheduler | 2021-06-03 | 9.0 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service configuration, which allows a critical resource to be accessed by unprivileged users. An attacker can leverage this vulnerability to execute code in the context of an administrator. Was ZDI-CAN-12007. | |||||
| CVE-2020-22428 | 1 Solarwinds | 2 Serv-u Ftp Server, Serv-u Mft Server | 2021-05-17 | 3.5 LOW | 4.8 MEDIUM |
| SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a JavaScript payload. | |||||
| CVE-2021-25179 | 1 Solarwinds | 1 Serv-u File Server | 2021-05-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| SolarWinds Serv-U before 15.2 is affected by Cross Site Scripting (XSS) via the HTTP Host header. | |||||
| CVE-2021-27240 | 1 Solarwinds | 1 Patch Manager | 2021-04-01 | 7.2 HIGH | 7.8 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DataGridService WCF service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of Administrator. Was ZDI-CAN-12009. | |||||
| CVE-2020-35856 | 1 Solarwinds | 1 Orion Platform | 2021-03-29 | 3.5 LOW | 4.8 MEDIUM |
| SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page. | |||||
| CVE-2021-3109 | 1 Solarwinds | 1 Orion Platform | 2021-03-29 | 4.9 MEDIUM | 4.8 MEDIUM |
| The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account. | |||||
| CVE-2020-27871 | 1 Solarwinds | 1 Orion Platform | 2021-03-26 | 9.0 HIGH | 7.2 HIGH |
| This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11902. | |||||
| CVE-2020-27869 | 1 Solarwinds | 1 Network Performance Monitor | 2021-03-26 | 9.0 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM: 2020.2. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges and reset the password for the Admin user. Was ZDI-CAN-11804. | |||||
| CVE-2020-27870 | 1 Solarwinds | 1 Orion Platform | 2021-03-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. Was ZDI-CAN-11917. | |||||
| CVE-2020-28001 | 1 Solarwinds | 1 Serv-u | 2021-02-25 | 3.5 LOW | 5.4 MEDIUM |
| SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS. | |||||
| CVE-2020-27994 | 1 Solarwinds | 1 Serv-u | 2021-02-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal. | |||||
| CVE-2021-25275 | 1 Solarwinds | 1 Orion Platform | 2021-02-08 | 2.1 LOW | 7.8 HIGH |
| SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected by SolarWinds applications, and leads to admin access to the applications by inserting or changing authentication data stored in the Accounts table of the database. | |||||
| CVE-2021-25274 | 1 Solarwinds | 1 Orion Platform | 2021-02-08 | 10.0 HIGH | 9.8 CRITICAL |
| The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem. | |||||
| CVE-2020-35481 | 1 Solarwinds | 1 Serv-u | 2021-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection. | |||||
| CVE-2020-35482 | 1 Solarwinds | 1 Serv-u | 2021-02-04 | 3.5 LOW | 5.4 MEDIUM |
| SolarWinds Serv-U before 15.2.2 allows authenticated reflected XSS. | |||||
| CVE-2019-16961 | 1 Solarwinds | 1 Web Help Desk | 2021-01-21 | 3.5 LOW | 5.4 MEDIUM |
| SolarWinds Web Help Desk 12.7.0 allows XSS via a Schedule Name. | |||||
| CVE-2020-14005 | 1 Solarwinds | 2 Orion Network Performance Monitor, Orion Web Performance Monitor | 2021-01-14 | 9.0 HIGH | 8.8 HIGH |
| Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute arbitrary code via a defined event. | |||||
| CVE-2019-16956 | 1 Solarwinds | 1 Web Help Desk | 2021-01-06 | 3.5 LOW | 5.4 MEDIUM |
| SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket. | |||||
| CVE-2019-16960 | 1 Solarwinds | 1 Web Help Desk | 2021-01-06 | 3.5 LOW | 5.4 MEDIUM |
| SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV template file with a crafted Location Name field. | |||||
| CVE-2020-10148 | 1 Solarwinds | 1 Orion Platform | 2020-12-31 | 7.5 HIGH | 9.8 CRITICAL |
| The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected. | |||||
| CVE-2020-25620 | 1 Solarwinds | 1 N-central | 2020-12-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by default for local user accounts named support@n-able.com and nableadmin@n-able.com. These allow logins to the N-Central Administrative Console (NAC) and/or the regular web interface. | |||||
| CVE-2020-25619 | 1 Solarwinds | 1 N-central | 2020-12-21 | 3.6 LOW | 4.4 MEDIUM |
| An issue was discovered in SolarWinds N-Central 12.3.0.670. The SSH component does not restrict the Communication Channel to Intended Endpoints. An attacker can leverage an SSH feature (port forwarding with a temporary key pair) to access network services on the 127.0.0.1 interface, even though this feature was only intended for user-to-agent communication. | |||||
| CVE-2020-25618 | 1 Solarwinds | 1 N-central | 2020-12-21 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered in SolarWinds N-Central 12.3.0.670. The sudo configuration has incorrect access control because the nable web user account is effectively able to run arbitrary OS commands as root (i.e., the use of root privileges is not limited to specific programs listed in the sudoers file). | |||||