Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds orion platform vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2021-35240
A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do not support 'rel=noopener'.
Solarwinds Orion Platform
4.3
CVSSv2
CVE-2021-35222
This vulnerability allows malicious users to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page.
Solarwinds Orion Platform
5.5
CVSSv2
CVE-2021-35221
Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.
Solarwinds Orion Platform
4
CVSSv2
CVE-2021-35219
ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page.
Solarwinds Orion Platform
6.5
CVSSv2
CVE-2021-35220
Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.
Solarwinds Orion Platform
5.5
CVSSv2
CVE-2021-28674
The node management page in SolarWinds Orion Platform prior to 2020.2.5 HF1 allows an malicious user to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with incrementing number...
Solarwinds Orion Platform
7.2
CVSSv2
CVE-2021-27277
This vulnerability allows local malicious users to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulne...
Solarwinds Orion Platform 2020.2
7.5
CVSSv2
CVE-2021-27258
This vulnerability allows remote malicious users to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue res...
Solarwinds Orion Platform 2020.2
4.9
CVSSv2
CVE-2021-3109
The custom menu item options page in SolarWinds Orion Platform prior to 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account.
Solarwinds Orion Platform
3.5
CVSSv2
CVE-2020-35856
SolarWinds Orion Platform prior to 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page.
Solarwinds Orion Platform
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »