Vulnerabilities > Solarwinds

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-15	CVE-2022-47503	Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. network low complexity solarwinds CWE-502	7.2
2023-02-15	CVE-2022-47504	Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. network low complexity solarwinds CWE-502	7.2
2023-02-15	CVE-2022-47506	Path Traversal vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. local low complexity solarwinds CWE-22	7.8
2023-02-15	CVE-2022-47507	Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. network low complexity solarwinds CWE-502	7.2
2023-02-15	CVE-2022-47508	Unspecified vulnerability in Solarwinds Server and Application Monitor 2022.4 Customers who had configured their polling to occur via Kerberos did not expect NTLM Traffic on their environment, but since we were querying for data via IP address this prevented us from utilizing Kerberos. network low complexity solarwinds	7.5
2023-02-15	CVE-2023-23836	Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. network low complexity solarwinds CWE-502	7.2
2023-01-20	CVE-2022-47012	Use of Uninitialized Resource vulnerability in Solarwinds Dynamips 0.2.21 Use of uninitialized variable in function gen_eth_recv in GNS3 dynamips 0.2.21. network low complexity solarwinds CWE-908	7.5
2023-01-20	CVE-2022-38110	Cross-site Scripting vulnerability in Solarwinds Database Performance Analyzer In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting. network low complexity solarwinds CWE-79	5.4
2023-01-20	CVE-2022-38112	Cleartext Storage of Sensitive Information vulnerability in Solarwinds Database Performance Analyzer In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in cleartext. network low complexity solarwinds CWE-312	7.5
2022-12-19	CVE-2022-47512	Cleartext Storage of Sensitive Information vulnerability in Solarwinds Platform 2022.4.0 Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. local low complexity solarwinds CWE-312	5.5

Vulnerabilities > Solarwinds {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Solarwinds"}]}

Vulnerabilities > Solarwinds