PT-2023-19246 · Solarwinds · Solarwinds Platform

Name of the Vulnerable Software and Affected Versions: SolarWinds Platform affected versions not specified Description: The issue allows users to access the Orion.WebCommunityStrings SWIS schema object, obtaining sensitive information. Recommendations: At the moment, there is no information about...

SolarWinds Platform 信息泄露漏洞

SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. An information disclosure vulnerability exists in SolarWinds Platform version 2023.1 and prior versions that originates from a vulnerability that allows a user to access th...

Malicious Package

Overview orion-web is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Malicious code in orion-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8aa15eb66151939e86100689fb757fc16fe120517dedab8aaa1b62b61faf5ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5123 Malicious code in orion-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8aa15eb66151939e86100689fb757fc16fe120517dedab8aaa1b62b61faf5ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...