Skip to main content

Solarwinds Platform

25 CVEs product

Monthly

CVE-2024-52612 MEDIUM This Month

SolarWinds Platform is vulnerable to a reflected cross-site scripting vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2024-52611 LOW Monitor

The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
CVSS 3.1
3.5
EPSS
0.1%
CVE-2024-52606 LOW Monitor

SolarWinds Platform is affected by server-side request forgery vulnerability. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

SSRF Solarwinds Platform
NVD
CVSS 3.1
3.5
EPSS
0.4%
CVE-2024-45717 MEDIUM This Month

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node information section of the user interface. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2024-45715 MEDIUM This Month

The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
CVSS 3.1
5.2
EPSS
0.3%
CVE-2024-45710 HIGH This Week

SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Solarwinds Platform
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-29004 MEDIUM This Month

The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-28999 HIGH POC THREAT This Week

The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Solarwinds Platform
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
13.9%
CVE-2024-28996 HIGH This Week

The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

SQLi Solarwinds Platform
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-29000 MEDIUM This Month

The SolarWinds Platform was determined to be affected by a reflected cross-site scripting vulnerability affecting the web console. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-29003 MEDIUM This Month

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
CVSS 3.1
4.8
EPSS
0.7%
CVE-2024-29001 HIGH This Week

A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

SQLi Solarwinds Platform
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2024-28076 LOW Monitor

The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. Rated low severity (CVSS 3.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Open Redirect Solarwinds Platform
NVD
CVSS 3.1
3.8
EPSS
0.3%
CVE-2023-40056 HIGH This Week

SQL Injection Remote Code Vulnerability was found in the SolarWinds Platform. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Solarwinds Platform
NVD
CVSS 3.1
8.8
EPSS
4.8%
CVE-2023-40062 HIGH PATCH This Week

SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Solarwinds Platform
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2023-40061 HIGH This Week

Insecure job execution mechanism vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-3622 MEDIUM This Month

Access Control Bypass Vulnerability in the SolarWinds Platform that allows an underprivileged user to read arbitrary resource. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Solarwinds Platform
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2023-33229 LOW Monitor

The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Solarwinds Platform
NVD
CVSS 3.1
3.5
EPSS
0.8%
CVE-2023-33225 HIGH This Week

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
CVSS 3.1
7.2
EPSS
3.3%
CVE-2023-33224 HIGH This Week

The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2023-23844 HIGH This Week

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
CVSS 3.1
7.2
EPSS
3.0%
CVE-2023-23843 HIGH This Week

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
CVSS 3.1
7.2
EPSS
2.6%
CVE-2023-23839 MEDIUM This Month

The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2022-47512 MEDIUM This Month

Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-36965 MEDIUM This Month

Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
CVSS 3.1
6.1
EPSS
0.6%
EPSS 0% CVSS 6.8
MEDIUM This Month

SolarWinds Platform is vulnerable to a reflected cross-site scripting vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
EPSS 0% CVSS 3.5
LOW Monitor

The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
EPSS 0% CVSS 3.5
LOW Monitor

SolarWinds Platform is affected by server-side request forgery vulnerability. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

SSRF Solarwinds Platform
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node information section of the user interface. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
EPSS 0% CVSS 7.8
HIGH This Week

SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Solarwinds Platform
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
EPSS 14% CVSS 7.5
HIGH POC THREAT This Week

The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Solarwinds Platform
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH This Week

The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

SQLi Solarwinds Platform
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The SolarWinds Platform was determined to be affected by a reflected cross-site scripting vulnerability affecting the web console. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. Rated high severity (CVSS 7.4), this vulnerability is low attack complexity. No vendor patch available.

SQLi Solarwinds Platform
NVD
EPSS 0% CVSS 3.8
LOW Monitor

The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. Rated low severity (CVSS 3.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Open Redirect Solarwinds Platform
NVD
EPSS 5% CVSS 8.8
HIGH This Week

SQL Injection Remote Code Vulnerability was found in the SolarWinds Platform. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Solarwinds Platform
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Solarwinds Platform
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Insecure job execution mechanism vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Access Control Bypass Vulnerability in the SolarWinds Platform that allows an underprivileged user to read arbitrary resource. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Solarwinds Platform
NVD
EPSS 1% CVSS 3.5
LOW Monitor

The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Solarwinds Platform
NVD
EPSS 3% CVSS 7.2
HIGH This Week

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
EPSS 3% CVSS 7.2
HIGH This Week

The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
EPSS 3% CVSS 7.2
HIGH This Week

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
EPSS 3% CVSS 7.2
HIGH This Week

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Solarwinds Platform
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy