15 matches found
EUVD-1999-0799
Malware in sbrugna...
EUVD-2021-21868
Malware in sbrugna...
CVE-2021-35225
Each authenticated Orion Platform user in a MSP Managed Service Provider environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination...
CVE-2021-35225
Each authenticated Orion Platform user in a MSP Managed Service Provider environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination...
Cross site scripting
Each authenticated Orion Platform user in a MSP Managed Service Provider environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination...
CVE-2021-35225 Netpath Horizontal Privilege Escalation Vulnerability: NPM 2020.2.5
Each authenticated Orion Platform user in a MSP Managed Service Provider environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination...
CVE-2021-35225
CVE-2021-35225 affects SolarWinds Orion Platform in MSP environments. The issue allows an authenticated MSP user to view NetPath Services across multiple customers, enabling cross-tenant visibility and potential data exposure. Exploitation details are not provided in the sources. Remediation is c...
CVE-2019-12864
SolarWinds Orion Platform 2018.4 HF3 NPM 12.4, NetPath 1.1.4 is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query...
CVE-2019-12864
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is affected by an Information Leakage vulnerability caused by improper error handling that exposes stack traces and a full pathname on a 500 Internal Server Error. The issue is demonstrated via the api2/swis/query?lang=en-us&swAlertOn...
CVE-2019-12863
CVE-2019-12863 affects SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4). The vulnerability is a stored HTML injection via the Web Console Settings screen, reported as an input/output issue in the web interface and attributable to administrators being able to inject HTML. The availab...
CVE-2019-12954
SolarWinds Network Performance Monitor (Orion Platform 2018, NPM 12.3, NetPath 1.1.3) is affected by an XSS vulnerability that can be triggered by authenticated users via a crafted onerror attribute of a VIDEO element in an ALERT action. This is the stated vulnerability pattern; the root cause is...
SolarWinds NetPath Detection (Windows SMB Login)
SMB login-based detection of SolarWinds NetPath. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-1999-0818
Buffer overflow in Solaris kcmsconfigure via a long NETPATH environmental variable...
CVE-1999-0818
CVE-1999-0818 notes a buffer overflow in Solaris kcms_configure triggered by a long NETPATH environment variable. The vulnerability is local (attack vector Local) with low attack complexity and no authentication, and it has complete impact on confidentiality, integrity, and availability (C:C/I:C/...
CVE-1999-0818
Buffer overflow in Solaris kcmsconfigure via a long NETPATH environmental variable...