Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds orion platform 2019.2 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2021-35212
An SQL injection Privilege Escalation Vulnerability exists in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.
Solarwinds Orion Platform 2020.2.1
Solarwinds Orion Platform 2020.2.5
Solarwinds Orion Platform 2019.2
Solarwinds Orion Platform 2019.4
Solarwinds Orion Platform 2020.2.4
4.3
CVSSv2
CVE-2019-17127
A Stored Client Side Template Injection (CSTI) with Angular exists in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation.
Solarwinds Orion Platform 2019.2
4.3
CVSSv2
CVE-2019-17125
A Reflected Client Side Template Injection (CSTI) with Angular exists in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS.
Solarwinds Orion Platform 2019.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started