Vulnerabilities > Solarwinds

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-20	CVE-2022-47012	Use of Uninitialized Resource vulnerability in Solarwinds Dynamips 0.2.21 Use of uninitialized variable in function gen_eth_recv in GNS3 dynamips 0.2.21. network low complexity solarwinds CWE-908	7.5
2023-01-20	CVE-2022-38110	Cross-site Scripting vulnerability in Solarwinds Database Performance Analyzer In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting. network low complexity solarwinds CWE-79	5.4
2022-12-19	CVE-2022-47512	Cleartext Storage of Sensitive Information vulnerability in Solarwinds Platform 2022.4.0 Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. local low complexity solarwinds CWE-312	5.5
2022-12-16	CVE-2021-35252	Improper Authentication vulnerability in Solarwinds Serv-U Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. network low complexity solarwinds CWE-287	7.5
2022-12-16	CVE-2022-38106	Cross-site Scripting vulnerability in Solarwinds Serv-U 15.3.0/15.3.1 This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. network low complexity solarwinds CWE-79	5.4
2022-11-29	CVE-2022-36960	Improper Input Validation vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to Improper Input Validation. network low complexity solarwinds CWE-20	8.8
2022-11-29	CVE-2022-36962	Command Injection vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to Command Injection. network low complexity solarwinds CWE-77	7.2
2022-11-29	CVE-2022-36964	Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. network low complexity solarwinds CWE-502	8.8
2022-11-23	CVE-2021-35246	Cleartext Transmission of Sensitive Information vulnerability in Solarwinds Engineer'S Toolset 2020.2.6 The application fails to prevent users from connecting to it over unencrypted connections. network low complexity solarwinds CWE-319	5.3
2022-11-23	CVE-2022-38113	Information Exposure vulnerability in Solarwinds Security Event Manager 2022.4 This vulnerability discloses build and services versions in the server response header. network low complexity solarwinds CWE-200	5.3

Vulnerabilities > Solarwinds {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Solarwinds"}]}

Vulnerabilities > Solarwinds