Known Vulnerabilities for products from SolarWinds

Listed below are 20 of the newest known vulnerabilities associated with the vendor "SolarWinds".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-38108 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary wi... 7.2 - HIGH 2022-10-20 2022-10-20
CVE-2022-36966 Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing i... 5.4 - MEDIUM 2022-10-20 2022-10-20
CVE-2022-36965 Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue ... 6.1 - MEDIUM 2022-09-30 2022-09-30
CVE-2022-36964 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary wi... 8.8 - HIGH 2022-11-29 2022-11-29
CVE-2022-36962 SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control ... 7.2 - HIGH 2022-11-29 2022-11-29
CVE-2022-36960 SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid acc... 8.8 - HIGH 2022-11-29 2022-11-29
CVE-2022-36958 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary wi... 8.8 - HIGH 2022-10-20 2022-10-20
CVE-2022-36957 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary wi... 7.2 - HIGH 2022-10-20 2022-10-20
CVE-2021-35254 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 8.8 - HIGH 2022-03-25 2022-03-31
CVE-2021-35251 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 5.3 - MEDIUM 2022-03-10 2022-03-15
CVE-2021-35250 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.5 - HIGH 2022-04-25 2022-05-05
CVE-2021-35249 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 4.3 - MEDIUM 2022-05-17 2022-10-27
CVE-2021-35248 It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and... 4.3 - MEDIUM 2021-12-20 2022-07-14
CVE-2021-35247 Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has u... 5.3 - MEDIUM 2022-01-10 2022-02-10
CVE-2021-35246 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 5.3 - MEDIUM 2022-11-23 2022-11-28
CVE-2021-35245 When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the... 6.8 - MEDIUM 2021-12-06 2022-10-27
CVE-2021-35244 The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights ... 7.2 - HIGH 2021-12-20 2022-03-17
CVE-2021-35243 The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.7 and earlier), allowing users to execute ... 7.5 - HIGH 2021-12-23 2022-01-07
CVE-2021-35242 Serv-U server responds with valid CSRFToken when the request contains only Session. 8.8 - HIGH 2021-12-06 2021-12-07
CVE-2021-35240 A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do n... 4.8 - MEDIUM 2021-08-31 2021-09-09

Known software with vulnerabilities from SolarWinds

Type Vendor Product Version
ApplicationSolarwindsAdvanced Monitoring Agent-
ApplicationSolarwindsAdvanced Subnet Calculator9.1
ApplicationSolarwindsCollector2.2.1.0
ApplicationSolarwindsDameware12.1
ApplicationSolarwindsDameware Mini Remote Control4.5.0.0
ApplicationSolarwindsDameware Mini Remote Control Client Agent Service6.9.0.0
ApplicationSolarwindsDameware Remote Support4.5.0.0
ApplicationSolarwindsDamewire Mini Remote Control10.0
ApplicationSolarwindsDatabase Performance Analyzer11.1.457
ApplicationSolarwindsEngineers Editionsolarwinds_engineers_edition
ApplicationSolarwindsExchange Monitor1.0.1.30
ApplicationSolarwindsFirewall Security Manager6.6.5
ApplicationSolarwindsFtp Voyager16.2.0
ApplicationSolarwindsInformation Service2.5.1
ApplicationSolarwindsIntegrated Virtual Infrastructure Monitor1.1.674.0
ApplicationSolarwindsIp Address Manager Web Interface3.0
ApplicationSolarwindsIpmonitor8.50.1158.3
ApplicationSolarwindsJob Engine1.5.2.0
ApplicationSolarwindsKiwi Cattools3.6.0__\(service_edition\)
ApplicationSolarwindsLog And Event Manager6.1

Popular searches for "SolarWinds"

IT Management Software & Remote Monitoring Tools | SolarWinds

www.solarwinds.com

A =IT Management Software & Remote Monitoring Tools | SolarWinds SolarWinds IT monitoring and management tools are built for SysAdmins and network engineers who need powerful and affordable tools. Get a free trial today.

www.solarwinds.com/?CMP=PRD-TAD-SW-MFT_INPRD-MFT-PP go.solarwinds.com/cloud www.solarwinds.com/?source=LaRock www.solarwinds.net www.solarwinds.com/?sid=sctopenglish cts.businesswire.com/ct/CT?anchor=www.solarwinds.com&esheet=52122286&id=smartlink&index=9&lan=en-US&md5=93d1188cf37ffd42d50fe212dd8bcbf2&newsitemid=20191104005517&url=https%3A%2F%2Fwww.solarwinds.com%2F%3FCMP%3D solarwinds.net SolarWinds Information technology Software Network monitoring Information technology management IT service management Database Server (computing) Computer network Application software Cloud computing Programming tool Computer data storage Microsoft Access Shareware Microsoft Product (business) Automation Management Website monitoring