Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds orion platform 2020.2.6 vulnerabilities and exploits
(subscribe to this query)
756
VMScore
CVE-2021-35244
The "Log alert to a file" action within action management enables any Orion Platform user with Orion alert management rights to write to any file. An attacker with Orion alert management rights could use this vulnerability to perform an unrestricted file upload causing ...
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
578
VMScore
CVE-2021-35234
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
490
VMScore
CVE-2021-35225
Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cros...
Solarwinds Network Performance Monitor
Solarwinds Network Performance Monitor 2020.2.6
356
VMScore
CVE-2021-35248
It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
312
VMScore
CVE-2021-35238
User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
312
VMScore
CVE-2021-35239
A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
NA
CVE-2022-36962
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.
Solarwinds Orion Platform 2020.2.6
Solarwinds Orion Platform
Solarwinds Orion Platform 2022.2
Solarwinds Orion Platform 2022.3
NA
CVE-2022-36960
SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.
Solarwinds Orion Platform 2020.2.6
Solarwinds Orion Platform
Solarwinds Orion Platform 2022.2
Solarwinds Orion Platform 2022.3
NA
CVE-2022-36964
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
Solarwinds Orion Platform 2020.2.6
Solarwinds Orion Platform
Solarwinds Orion Platform 2022.2
Solarwinds Orion Platform 2022.3
NA
CVE-2022-36958
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
Solarwinds Orion Platform 2020.2.6
Solarwinds Orion Platform
Solarwinds Orion Platform 2022.2
Solarwinds Orion Platform 2022.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »