Vulnerabilities > Solarwinds
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-25 | CVE-2023-23838 | Path Traversal vulnerability in Solarwinds Database Performance Analyzer Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server. | 6.5 |
| 2023-04-21 | CVE-2022-36963 | Code Injection vulnerability in Solarwinds Orion Platform The SolarWinds Platform was susceptible to the Command Injection Vulnerability. | 7.2 |
| 2023-04-21 | CVE-2022-47505 | Improper Privilege Management vulnerability in Solarwinds Orion Platform The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. | 7.8 |
| 2023-04-21 | CVE-2022-47509 | Cross-site Scripting vulnerability in Solarwinds Orion Platform The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. | 6.1 |
| 2023-02-15 | CVE-2022-38111 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2023-02-15 | CVE-2022-47503 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2023-02-15 | CVE-2022-47504 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2023-02-15 | CVE-2022-47506 | Path Traversal vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. | 7.8 |
| 2023-02-15 | CVE-2022-47507 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2023-02-15 | CVE-2022-47508 | Unspecified vulnerability in Solarwinds Server and Application Monitor 2022.4 Customers who had configured their polling to occur via Kerberos did not expect NTLM Traffic on their environment, but since we were querying for data via IP address this prevented us from utilizing Kerberos. | 7.5 |