Vulnerabilities > Solarwinds > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-13 | CVE-2021-31217 | Incorrect Default Permissions vulnerability in Solarwinds Dameware Mini Remote Control 12.0.1.200 In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM. | 9.4 |
2021-05-21 | CVE-2021-31475 | Incorrect Permission Assignment for Critical Resource vulnerability in Solarwinds Orion JOB Scheduler 2020.2.1 This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. | 9.0 |
2021-05-21 | CVE-2021-31474 | Deserialization of Untrusted Data vulnerability in Solarwinds Network Performance Monitor This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor 2020.2.1. | 10.0 |
2021-02-12 | CVE-2020-27869 | SQL Injection vulnerability in Solarwinds Network Performance Monitor 2020/2020.2 This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM: 2020.2. | 9.0 |
2021-02-10 | CVE-2020-27871 | Path Traversal vulnerability in Solarwinds Orion Platform 2020.2.1 This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. | 9.0 |
2021-02-03 | CVE-2021-25274 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. | 10.0 |
2020-12-29 | CVE-2020-10148 | Improper Authentication vulnerability in Solarwinds Orion Platform 2019.4/2020.2/2020.2.1 The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. | 9.8 |
2020-12-16 | CVE-2020-25617 | Path Traversal vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. | 9.0 |
2020-12-16 | CVE-2020-25618 | OS Command Injection vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. | 9.0 |
2020-05-07 | CVE-2020-12608 | Incorrect Default Permissions vulnerability in Solarwinds Managed Service Provider Patch Management Engine An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. | 9.3 |