Vulnerabilities > Solarwinds > Network Performance Monitor > 12.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-21 | CVE-2021-35225 | Unspecified vulnerability in Solarwinds Network Performance Monitor Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. | 5.5 |
| 2019-07-16 | CVE-2018-13442 | SQL Injection vulnerability in Solarwinds Network Performance Monitor SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter. | 6.5 |