Vulnerabilities > Solarwinds

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-19	CVE-2020-15910	Incorrect Permission Assignment for Critical Resource vulnerability in Solarwinds N-Central 12.3 SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly. network low complexity solarwinds CWE-732	4.7
2020-10-19	CVE-2020-15909	Session Fixation vulnerability in Solarwinds N-Central SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. network low complexity solarwinds CWE-384	8.8
2020-09-17	CVE-2020-13169	Cross-site Scripting vulnerability in Solarwinds Orion Platform Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. network low complexity solarwinds CWE-79 critical	9.0
2020-07-07	CVE-2020-15576	Unspecified vulnerability in Solarwinds Serv-U SolarWinds Serv-U File Server before 15.2.1 allows information disclosure via an HTTP response. network low complexity solarwinds	7.5
2020-07-07	CVE-2020-15575	Cross-site Scripting vulnerability in Solarwinds Serv-U SolarWinds Serv-U File Server before 15.2.1 allows XSS as demonstrated by Tenable Scan, aka Case Number 00484194. network low complexity solarwinds CWE-79	6.1
2020-07-07	CVE-2020-15574	Unspecified vulnerability in Solarwinds Serv-U SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893. network low complexity solarwinds	7.5
2020-07-07	CVE-2020-15573	Cross-site Scripting vulnerability in Solarwinds Serv-U SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script vulnerability," aka Case Numbers 00041778 and 00306421. network low complexity solarwinds CWE-79	6.1
2020-07-05	CVE-2020-15543	Improper Input Validation vulnerability in Solarwinds Serv-U FTP Server SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path. network low complexity solarwinds CWE-20 critical	9.8
2020-07-05	CVE-2020-15542	Unspecified vulnerability in Solarwinds Serv-U FTP Server SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command. network low complexity solarwinds critical	9.8
2020-07-05	CVE-2020-15541	Unspecified vulnerability in Solarwinds Serv-U FTP Server SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution. network low complexity solarwinds critical	9.8

Vulnerabilities > Solarwinds {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Solarwinds"}]}

Vulnerabilities > Solarwinds