Solarwinds Platform Security Vulnerabilities and Issues — Solarwinds Platform CVE List

Lucene search

SolarwindsSolarwinds Platform

12 matches found

CVE•added 2024/04/18 9:15 a.m.•68 views

CVE-2024-29001

A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This vulnerability requires authentication and user interaction to be exploited.

7.5CVSS7.1AI score0.00043EPSS

CVE•added 2024/06/04 3:15 p.m.•64 views

CVE-2024-28999

The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.

7.5CVSS6.9AI score0.07294EPSS

CVE•added 2024/04/18 10:15 a.m.•62 views

CVE-2024-29003

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction.

7.5CVSS6.1AI score0.0005EPSS

CVE•added 2024/12/04 7:15 a.m.•62 views

CVE-2024-45717

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node information section of the user interface. This vulnerability requires authentication and requires user interaction.

7CVSS6.7AI score0.00252EPSS

CVE•added 2024/06/04 3:15 p.m.•61 views

CVE-2024-28996

The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability.

7.5CVSS7.8AI score0.00293EPSS

CVE•added 2024/04/18 9:15 a.m.•52 views

CVE-2024-28076

The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potential attacker can redirect to different domain when using URL parameter with relative entry in the correct format

7CVSS6.6AI score0.00027EPSS

CVE•added 2024/10/16 8:15 a.m.•52 views

CVE-2024-45710

SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. This requires a low privilege account and local access to the affected node machine.

7.8CVSS7.6AI score0.00159EPSS

CVE•added 2024/06/04 3:15 p.m.•51 views

CVE-2024-29004

The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability.

7.1CVSS5.7AI score0.00061EPSS

CVE•added 2024/10/16 8:15 a.m.•47 views

CVE-2024-45715

The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements.

7.1CVSS6.2AI score0.00246EPSS

CVE•added 2024/05/20 7:15 p.m.•46 views

CVE-2024-29000

The SolarWinds Platform was determined to be affected by a reflected cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability.

7.9CVSS6AI score0.00108EPSS

CVE•added 2024/02/06 4:15 p.m.•41 views

CVE-2023-50395

SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited

8CVSS9AI score0.00802EPSS

CVE•added 2024/02/06 4:15 p.m.•38 views

CVE-2023-35188

SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited.

8CVSS9AI score0.00802EPSS