Vulnerabilities > Solarwinds

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-16	CVE-2020-25619	Unspecified vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. local low complexity solarwinds	4.4
2020-12-16	CVE-2020-25618	OS Command Injection vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. network low complexity solarwinds CWE-78	8.8
2020-12-16	CVE-2020-25617	Path Traversal vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. network low complexity solarwinds CWE-22	8.8
2020-12-15	CVE-2018-16243	Cross-site Scripting vulnerability in Solarwinds Database Performance Analyzer 11.1.468/12.0.3074 SolarWinds Database Performance Analyzer (DPA) 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen. network low complexity solarwinds CWE-79	5.4
2020-12-01	CVE-2019-16958	Cross-site Scripting vulnerability in Solarwinds Help Desk 12.7.0 Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 12.7.0 allows attacker to inject arbitrary web script or HTML via Location Name. network low complexity solarwinds CWE-79	5.4
2020-10-19	CVE-2020-15910	Incorrect Permission Assignment for Critical Resource vulnerability in Solarwinds N-Central 12.3 SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly. network low complexity solarwinds CWE-732	4.7
2020-10-19	CVE-2020-15909	Session Fixation vulnerability in Solarwinds N-Central SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. network low complexity solarwinds CWE-384	8.8
2020-09-17	CVE-2020-13169	Cross-site Scripting vulnerability in Solarwinds Orion Platform Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. network low complexity solarwinds CWE-79 critical	9.0
2020-07-07	CVE-2020-15576	Unspecified vulnerability in Solarwinds Serv-U SolarWinds Serv-U File Server before 15.2.1 allows information disclosure via an HTTP response. network low complexity solarwinds	7.5
2020-07-07	CVE-2020-15575	Cross-site Scripting vulnerability in Solarwinds Serv-U SolarWinds Serv-U File Server before 15.2.1 allows XSS as demonstrated by Tenable Scan, aka Case Number 00484194. network low complexity solarwinds CWE-79	6.1

Vulnerabilities > Solarwinds {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Solarwinds"}]}

Vulnerabilities > Solarwinds