Known Vulnerabilities for Kiwi Syslog Server by Solarwinds
Listed below are 5 of the newest known vulnerabilities associated with "Kiwi Syslog Server" by "Solarwinds".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-35237 | A missing HTTP header (X-Frame-Options) in Kiwi Syslog Server has left customers vulnerable to click jacking. Clickjacking is... | 4.3 - MEDIUM | 2021-10-29 | 2023-08-03 |
| CVE-2021-35236 | The Secure flag is not set in the SSL Cookie of Kiwi Syslog Server 9.7.2 and previous versions. The Secure attribute tells th... | 5.3 - MEDIUM | 2021-10-27 | 2022-10-27 |
| CVE-2021-35235 | The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debu... | 5.3 - MEDIUM | 2021-10-27 | 2021-10-28 |
| CVE-2021-35233 | The HTTP TRACK & TRACE methods were enabled in Kiwi Syslog Server 9.7.1 and earlier. These methods are intended for diagnosti... | 5.3 - MEDIUM | 2021-10-27 | 2021-10-28 |
| CVE-2021-35231 | As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker... | 6.7 - MEDIUM | 2021-10-25 | 2021-10-28 |