Vulnerabilities > Solarwinds
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-19 | CVE-2020-15910 | Incorrect Permission Assignment for Critical Resource vulnerability in Solarwinds N-Central SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly. | 4.3 |
| 2020-10-19 | CVE-2020-15909 | Session Fixation vulnerability in Solarwinds N-Central SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. | 6.8 |
| 2020-09-17 | CVE-2020-13169 | Cross-site Scripting vulnerability in Solarwinds Orion Platform Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. | 3.5 |
| 2020-07-07 | CVE-2020-15576 | Information Exposure vulnerability in Solarwinds Serv-U 15.1.6 SolarWinds Serv-U File Server before 15.2.1 allows information disclosure via an HTTP response. | 5.0 |
| 2020-07-07 | CVE-2020-15575 | Cross-site Scripting vulnerability in Solarwinds Serv-U 15.1.6 SolarWinds Serv-U File Server before 15.2.1 allows XSS as demonstrated by Tenable Scan, aka Case Number 00484194. | 4.3 |
| 2020-07-07 | CVE-2020-15574 | Missing Encryption of Sensitive Data vulnerability in Solarwinds Serv-U 15.1.6 SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893. | 5.0 |
| 2020-07-07 | CVE-2020-15573 | Cross-site Scripting vulnerability in Solarwinds Serv-U 15.1.6 SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script vulnerability," aka Case Numbers 00041778 and 00306421. | 4.3 |
| 2020-07-05 | CVE-2020-15543 | Improper Input Validation vulnerability in Solarwinds Serv-U FTP Server SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path. | 7.5 |
| 2020-07-05 | CVE-2020-15542 | Unspecified vulnerability in Solarwinds Serv-U FTP Server SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command. | 7.5 |
| 2020-07-05 | CVE-2020-15541 | Code Injection vulnerability in Solarwinds Serv-U FTP Server SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution. | 7.5 |