Vulnerabilities > Solarwinds

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-06	CVE-2019-16954	Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket. network low complexity solarwinds CWE-79	5.4
2021-01-04	CVE-2019-16960	Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV template file with a crafted Location Name field. network low complexity solarwinds CWE-79	5.4
2021-01-04	CVE-2019-16956	Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket. network low complexity solarwinds CWE-79	5.4
2020-12-29	CVE-2020-10148	Improper Authentication vulnerability in Solarwinds Orion Platform 2019.4/2020.2/2020.2.1 The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. network low complexity solarwinds CWE-287 critical	9.8
2020-12-21	CVE-2019-16959	Improper Neutralization of Formula Elements in a CSV File vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket. network low complexity solarwinds CWE-1236	6.5
2020-12-18	CVE-2019-16957	Cross-site Scripting vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account. network low complexity solarwinds CWE-79	5.4
2020-12-18	CVE-2019-16955	Cross-site Scripting vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request. network low complexity solarwinds CWE-79	5.4
2020-12-16	CVE-2020-25622	Cross-Site Request Forgery (CSRF) vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. network low complexity solarwinds CWE-352	8.8
2020-12-16	CVE-2020-25621	Missing Authentication for Critical Function vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. local low complexity solarwinds CWE-306	8.4
2020-12-16	CVE-2020-25620	Use of Hard-coded Credentials vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. local low complexity solarwinds CWE-798	7.8

Vulnerabilities > Solarwinds {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Solarwinds"}]}

Vulnerabilities > Solarwinds