Lucene search
K
SolarwindsSecurity Event Manager

4 matches found

CVE
CVE
added 2024/03/01 8:55 a.m.131 views

CVE-2024-0692

SolarWinds Security Event Manager (SEM) is affected by CVE-2024-0692 due to a deserialization of untrusted data in the AMF mechanism, enabling unauthenticated remote code execution on adjacent networks. Public sources in connected documents confirm an unauthenticated RCE condition with a high imp...

8.8CVSS9.3AI score0.91557EPSS
In wild
CVE
CVE
added 2022/11/23 12:0 a.m.63 views

CVE-2022-38113

CVE-2022-38113 corresponds to an information-disclosure vulnerability in SolarWinds Security Event Manager (SEM). The issue stems from server response headers disclosing build and service-version information, enabling an attacker to determine software aging and lineage. Public sources consistentl...

5.3CVSS5.2AI score0.00651EPSS
CVE
CVE
added 2022/11/23 12:0 a.m.63 views

CVE-2022-38114

SolarWinds SEM contains a cross-site scripting vulnerability due to improper handling of Content-Length in POST requests (CVE-2022-38114). Connected records specify that versions prior to 2022.4 are affected; updating to 2022.4 or later is the indicated fix. The attack vector involves web-server ...

6.1CVSS6.2AI score0.00511EPSS
CVE
CVE
added 2022/11/23 12:0 a.m.49 views

CVE-2022-38115

CVE-2022-38115 concerns SolarWinds Security Event Manager (SEM) and is described as an insecure-method vulnerability where HTTP methods (e.g., OPTIONS, DELETE, TRACE, PUT) are disclosed. Connected sources indicate SEM versions 2022.2 and prior are affected. The CVSSv3.1 base score is 5.3 (Medium)...

5.3CVSS5.3AI score0.00651EPSS