Known Vulnerabilities for products from Solarwinds
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Solarwinds".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-28298 json | SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when expl... | Not Provided | 2026-03-26 | 2026-03-31 |
| CVE-2026-28297 json | SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when expl... | Not Provided | 2026-03-26 | 2026-03-31 |
| CVE-2023-40062 json | SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability... | 8.8 - HIGH | 2023-11-01 | 2023-11-09 |
| CVE-2023-40061 json | Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as a result. | 9.8 - CRITICAL | 2023-11-01 | 2023-11-09 |
| CVE-2023-40060 json | A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-... | 7.2 - HIGH | 2023-09-07 | 2023-09-14 |
| CVE-2023-40058 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-12-21 | 2024-02-02 |
| CVE-2023-40056 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-28 | 2023-12-04 |
| CVE-2023-40055 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-09 | 2023-11-17 |
| CVE-2023-40054 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-09 | 2023-11-17 |
| CVE-2023-35187 json | The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability a... | 9.8 - CRITICAL | 2023-10-19 | 2023-10-25 |
| CVE-2023-35186 json | The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an aut... | 8.8 - HIGH | 2023-10-19 | 2023-10-25 |
| CVE-2023-35185 json | The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileg... | 7.2 - HIGH | 2023-10-19 | 2023-10-25 |
| CVE-2023-35184 json | The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an una... | 9.8 - CRITICAL | 2023-10-19 | 2023-10-25 |
| CVE-2023-35183 json | The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authent... | 7.8 - HIGH | 2023-10-19 | 2023-10-25 |
| CVE-2023-35182 json | The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused... | 9.8 - CRITICAL | 2023-10-19 | 2023-10-25 |
| CVE-2023-35181 json | The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users t... | 7.8 - HIGH | 2023-10-19 | 2023-10-25 |
| CVE-2023-35180 json | The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authen... | 8.8 - HIGH | 2023-10-19 | 2023-10-25 |
| CVE-2023-35179 json | A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor... | 7.2 - HIGH | 2023-08-11 | 2023-09-14 |
| CVE-2023-33231 json | XSS attack was possible in DPA 2023.2 due to insufficient input validation | 6.1 - MEDIUM | 2023-07-18 | 2023-08-03 |
| CVE-2023-33229 json | The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remo... | 3.5 - LOW | 2023-07-26 | 2023-10-30 |
Known software with vulnerabilities from Solarwinds
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Solarwinds | Advanced Monitoring Agent | - |
| Application | Solarwinds | Advanced Subnet Calculator | 9.1 |
| Application | Solarwinds | Collector | 2.2.1.0 |
| Application | Solarwinds | Dameware | 12.1 |
| Application | Solarwinds | Dameware Mini Remote Control | 12.0 |
| Application | Solarwinds | Dameware Mini Remote Control Client Agent Service | 6.9.0.0 |
| Application | Solarwinds | Dameware Remote Support | 10.0 |
| Application | Solarwinds | Damewire Mini Remote Control | 10.0 |
| Application | Solarwinds | Database Performance Analyzer | 11.1.457 |
| Application | Solarwinds | Engineers Edition | solarwinds_engineers_edition |
| Application | Solarwinds | Exchange Monitor | 1.0.1.30 |
| Application | Solarwinds | Firewall Security Manager | 6.6.5 |
| Application | Solarwinds | Ftp Voyager | 16.2.0 |
| Application | Solarwinds | Information Service | 2.5.1 |
| Application | Solarwinds | Integrated Virtual Infrastructure Monitor | 1.1.674.0 |
| Application | Solarwinds | Ipmonitor | 10.0.1368.1 |
| Application | Solarwinds | Ip Address Manager Web Interface | 3.0 |
| Application | Solarwinds | Job Engine | 1.5.2.0 |
| Application | Solarwinds | Kiwi Cattools | 3.6.0__\(service_edition\) |
| Application | Solarwinds | Log And Event Manager | 6.1 |