Known Vulnerabilities for Orion Network Performance Monitor by Solarwinds
Listed below are 9 of the newest known vulnerabilities associated with "Orion Network Performance Monitor" by "Solarwinds".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-14007 | Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert ... | 5.4 - MEDIUM | 2020-06-24 | 2020-07-07 |
| CVE-2020-14006 | Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team. | 5.4 - MEDIUM | 2020-06-24 | 2020-07-07 |
| CVE-2020-14005 | Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute... | 8.8 - HIGH | 2020-06-24 | 2022-10-29 |
| CVE-2019-8917 | SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. ... | 9.8 - CRITICAL | 2019-02-18 | 2020-08-24 |
| CVE-2014-9566 | Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Or... | 7.5 - HIGH | 2015-03-10 | 2015-03-11 |
| CVE-2012-4939 | Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds O... | 4.3 - MEDIUM | 2012-10-31 | 2012-11-02 |
| CVE-2012-2602 | Multiple cross-site request forgery (CSRF) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) before 10.3.... | 6.8 - MEDIUM | 2012-08-12 | 2012-08-13 |
| CVE-2012-2577 | Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) before 10.3.1 allow... | 4.3 - MEDIUM | 2012-08-12 | 2017-08-29 |
| CVE-2010-4828 | Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) 10.1 allow remote a... | 4.3 - MEDIUM | 2011-08-24 | 2018-10-10 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Solarwinds | Orion Network Performance Monitor | 2019.4 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 12.4 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 12.3 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 12.2 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 12.1 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 12.0.1 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 12.0 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 11.4 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 10.3.1 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 10.3 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 10.2.2 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 10.2.1 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 10.2 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 10.1.13.0 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 10.1 | |||
| Application | Solarwinds | Orion Network Performance Monitor | 10.0 | |||
| Application | Solarwinds | Orion Network Performance Monitor | - |