Lucene search
K

243 matches found

CNNVD
CNNVD
added 2024/10/16 12:0 a.m.4 views

SolarWinds Platform 代码问题漏洞

SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. A code issue vulnerability exists in SolarWinds Platform versions 2024.2.1 and earlier, which stems from vulnerability to an uncontrolled local elevation of privilege...

7.8CVSS6.7AI score0.00279EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/05 12:0 a.m.4 views

PT-2024-9683 · Solarwinds · Solarwinds Platform

Name of the Vulnerable Software and Affected Versions: SolarWinds Platform affected versions not specified Description: The issue is related to a lack of protection for the web page structure in the Search/Node Information Section component of the SolarWinds Platform user interface. This allows a...

7.4CVSS6.2AI score0.0037EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/09/05 12:0 a.m.4 views

PT-2024-7446 · Solarwinds · Solarwinds Platform

Name of the Vulnerable Software and Affected Versions: SolarWinds Platform affected versions not specified Description: The issue is related to an Uncontrolled Search Path Element Local Privilege Escalation. It requires a low privilege account and local access to the affected node machine. This c...

7.8CVSS5.9AI score0.00279EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2024/07/08 12:0 a.m.5 views

The vulnerability of the Orion Login.aspx page of the SolarWinds Platform’s network monitoring and IT infrastructure management software allows a perpetrator to carry out a brute-force attack.

The vulnerability of the Orion Login.aspx page of the SolarWinds IT infrastructure monitoring and management software is related to synchronization errors when using a common resource. Exploiting this vulnerability could allow a malicious actor to carry out a brute-force attack...

6.4CVSS6.8AI score0.13913EPSS
Exploits4References6Affected Software1
Packet Storm
Packet Storm
added 2024/06/26 12:0 a.m.342 views

SolarWinds Platform 2024.1 SR1 Race Condition

Exploit Title: SolarWinds Platform 2024.1 SR1 - Race Condition CVE: CVE-2024-28999 Affected Versions: SolarWinds Platform 2024.1 SR 1 and previous versions Author: Elhussain Fathy, AKA 0xSphinx import requests import urllib3 import asyncio import aiohttp...

7.5CVSS7.1AI score0.13913EPSS
Exploits4
GithubExploit
GithubExploit
added 2024/06/22 1:39 p.m.590 views

Exploit for Race Condition in Solarwinds Solarwinds_Platform

CVE-2024-28999 Exploit for CVE-2024-28999 SolarWinds Platform...

7.5CVSS7.6AI score0.13913EPSS
Exploits4
NCSC
NCSC
added 2024/06/07 6:26 a.m.12 views

Vulnerabilities fixed in Solarwinds Platform

Solarwinds has fixed vulnerabilities in Solarwinds Platform. A malicious party can exploit the vulnerabilities to cause a Denial-of-Service, execute a command injection, or perform a Cross-Site-Scripting attack. Such an attack can result in execution of arbitrary code in the victim's browser. For...

7.5CVSS7.9AI score0.70561EPSS
Exploits10References4
BDU FSTEC
BDU FSTEC
added 2024/06/07 12:0 a.m.7 views

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary SQL code.

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...

7.5CVSS7.1AI score0.00349EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/06/04 3:15 p.m.4 views

CVE-2024-29004

The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability...

4.3CVSS5.6AI score0.0032EPSS
Exploits0References2
OSV
OSV
added 2024/06/04 3:15 p.m.3 views

CVE-2024-28999

The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console...

7.5CVSS5.8AI score0.13913EPSS
Exploits4References2
OSV
OSV
added 2024/06/04 3:15 p.m.4 views

CVE-2024-28996

The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability...

7.5CVSS5.7AI score0.00349EPSS
Exploits0References2
OSV
OSV
added 2024/05/20 7:15 p.m.4 views

CVE-2024-29000

The SolarWinds Platform was determined to be affected by a reflected cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability...

4.3CVSS5.7AI score0.00463EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/20 12:0 a.m.5 views

SolarWinds Platform 跨站脚本漏洞

SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. A cross-site scripting vulnerability exists in SolarWinds Platform that stems from the Web console's susceptibility to cross-site scripting vulnerabilities...

7.9CVSS6.2AI score0.00463EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/04/26 12:0 a.m.6 views

The vulnerability of the user interface of SolarWinds Platform’s network monitoring and IT infrastructure management software allows a hacker to execute arbitrary code.

The vulnerability of the user interface of SolarWinds software for network monitoring and IT infrastructure management is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.5CVSS6.1AI score0.0059EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/19 12:0 a.m.64 views

SolarWinds Platform 2024.0 < 2024.1.1 Multiple Vulnerabilities XSS

The version of SolarWinds Platform installed on the remote host is prior to 2024.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the solarwindsplatform20241sr1 advisory. - The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potenti...

7.9CVSS5.3AI score0.00696EPSS
Exploits0References8
OSV
OSV
added 2024/04/18 10:15 a.m.3 views

CVE-2024-29003

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction...

4.8CVSS5.8AI score0.00696EPSS
Exploits0References2
NVD
NVD
added 2024/04/18 10:15 a.m.16 views

CVE-2024-29003

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction...

7.5CVSS7.5AI score0.00696EPSS
Exploits0References2
OSV
OSV
added 2024/04/18 9:15 a.m.4 views

CVE-2024-28076

The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potential attacker can redirect to different domain when using URL parameter with relative entry in the correct format...

3.8CVSS5.8AI score0.00341EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/18 12:0 a.m.5 views

PT-2024-7954 · Solarwinds · Solarwinds Platform

Name of the Vulnerable Software and Affected Versions: SolarWinds Platform versions prior to 2024.1 Description: The issue is related to a reflected cross-site scripting vulnerability in the web console of the SolarWinds Platform. This vulnerability requires a high-privileged user and user...

7.9CVSS6.5AI score0.00463EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/04/18 12:0 a.m.5 views

PT-2024-3094 · Solarwinds · Solarwinds Platform

Name of the Vulnerable Software and Affected Versions: SolarWinds Platform affected versions not specified Description: A vulnerability was identified in the user interface of the SolarWinds Platform, related to a SWQL injection issue. This vulnerability requires authentication and user interacti...

8CVSS8.4AI score0.0059EPSS
Exploits0References6
Rows per page
Query Builder