Vulnerabilities > Solarwinds

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-17	CVE-2020-13169	Cross-site Scripting vulnerability in Solarwinds Orion Platform Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. network low complexity solarwinds CWE-79 critical	9.0
2020-07-07	CVE-2020-15576	Unspecified vulnerability in Solarwinds Serv-U SolarWinds Serv-U File Server before 15.2.1 allows information disclosure via an HTTP response. network low complexity solarwinds	7.5
2020-07-07	CVE-2020-15575	Cross-site Scripting vulnerability in Solarwinds Serv-U SolarWinds Serv-U File Server before 15.2.1 allows XSS as demonstrated by Tenable Scan, aka Case Number 00484194. network low complexity solarwinds CWE-79	6.1
2020-07-07	CVE-2020-15574	Unspecified vulnerability in Solarwinds Serv-U SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site cookie attribute, aka Case Number 00331893. network low complexity solarwinds	7.5
2020-07-07	CVE-2020-15573	Cross-site Scripting vulnerability in Solarwinds Serv-U SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script vulnerability," aka Case Numbers 00041778 and 00306421. network low complexity solarwinds CWE-79	6.1
2020-07-05	CVE-2020-15543	Improper Input Validation vulnerability in Solarwinds Serv-U FTP Server SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path. network low complexity solarwinds CWE-20 critical	9.8
2020-07-05	CVE-2020-15542	Unspecified vulnerability in Solarwinds Serv-U FTP Server SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command. network low complexity solarwinds critical	9.8
2020-07-05	CVE-2020-15541	Unspecified vulnerability in Solarwinds Serv-U FTP Server SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution. network low complexity solarwinds critical	9.8
2020-06-24	CVE-2020-14007	Cross-site Scripting vulnerability in Solarwinds products Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition. network low complexity solarwinds CWE-79	5.4
2020-06-24	CVE-2020-14006	Cross-site Scripting vulnerability in Solarwinds products Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team. network low complexity solarwinds CWE-79	5.4

Vulnerabilities > Solarwinds {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Solarwinds"}]}

Vulnerabilities > Solarwinds