Vulnerabilities > Solarwinds > N Central > 12.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-19 | CVE-2020-15910 | Incorrect Permission Assignment for Critical Resource vulnerability in Solarwinds N-Central 12.3 SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly. | 4.7 |
| 2020-10-19 | CVE-2020-15909 | Session Fixation vulnerability in Solarwinds N-Central SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. | 8.8 |