Vulnerabilities > Solarwinds > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-15 | CVE-2023-23841 | Cleartext Transmission of Sensitive Information vulnerability in Solarwinds Serv-U SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.? Part of the URL of the request discloses sensitive data. | 7.5 |
| 2023-04-25 | CVE-2023-23837 | Improper Handling of Exceptional Conditions vulnerability in Solarwinds Database Performance Analyzer No exception handling vulnerability which revealed sensitive or excessive information to users. | 7.5 |
| 2023-04-21 | CVE-2022-36963 | Code Injection vulnerability in Solarwinds Orion Platform The SolarWinds Platform was susceptible to the Command Injection Vulnerability. | 7.2 |
| 2023-04-21 | CVE-2022-47505 | Improper Privilege Management vulnerability in Solarwinds Orion Platform The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. | 7.8 |
| 2023-02-15 | CVE-2022-38111 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2023-02-15 | CVE-2022-47503 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2023-02-15 | CVE-2022-47504 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2023-02-15 | CVE-2022-47506 | Path Traversal vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. | 7.8 |
| 2023-02-15 | CVE-2022-47507 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2023-02-15 | CVE-2022-47508 | Unspecified vulnerability in Solarwinds Server and Application Monitor 2022.4 Customers who had configured their polling to occur via Kerberos did not expect NTLM Traffic on their environment, but since we were querying for data via IP address this prevented us from utilizing Kerberos. | 7.5 |