Database Performance Analyzer@* Security Vulnerabilities and Issues — Database Performance Analyzer@* CVE List

Lucene search

SolarwindsDatabase Performance Analyzer*

6 matches found

CVE•added 2022/04/21 7:15 p.m.•56 views

CVE-2021-35229

Cross-site scripting vulnerability is present in Database Performance Monitor 2022.1.7779 and previous versions when using a complex SQL query

6.8CVSS6.4AI score0.00772EPSS

CVE•added 2023/01/20 6:15 p.m.•44 views

CVE-2022-38112

In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in cleartext.

7.5CVSS7.4AI score0.00126EPSS

CVE•added 2023/01/20 6:15 p.m.•43 views

CVE-2022-38110

In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting.

5.4CVSS5.2AI score0.00788EPSS

CVE•added 2023/04/25 6:15 p.m.•42 views

CVE-2023-23837

No exception handling vulnerability which revealed sensitive or excessive information to users.

7.5CVSS7.4AI score0.0047EPSS

CVE•added 2023/07/18 5:15 p.m.•41 views

CVE-2023-33231

XSS attack was possible in DPA 2023.2 due to insufficient input validation

6.1CVSS6AI score0.00492EPSS

CVE•added 2023/04/25 6:15 p.m.•37 views

CVE-2023-23838

Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server.

6.5CVSS6.5AI score0.00784EPSS