Solarwinds Solarwinds Platform
41 CVEs affecting Solarwinds Solarwinds Platform. Latest disclosed: 2025-02-11. Critical: 0, High: 31.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-40061 | High | 8.8 | 2023-11-01 | Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as a result. |
CVE-2022-36964 | High | 8.8 | 2022-11-29 | SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web… |
CVE-2022-36960 | High | 8.8 | 2022-11-29 | SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to e… |
CVE-2022-36958 | High | 8.8 | 2022-10-20 | SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web… |
CVE-2023-35188 | High | 8.0 | 2024-02-06 | SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authenticati… |
CVE-2023-50395 | High | 8.0 | 2024-02-06 | SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authenticat… |
CVE-2023-40056 | High | 8.0 | 2023-11-28 | SQL Injection Remote Code Vulnerability was found in the SolarWinds Platform. This vulnerability can be exploited with a low privileged account. … |
CVE-2023-40062 | High | 8.0 | 2023-11-01 | SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability would allow a low-privileged user… |
CVE-2024-29000 | High | 7.9 | 2024-05-20 | The SolarWinds Platform was determined to be affected by a reflected cross-site scripting vulnerability affecting the web console. A high-privileged user and u… |
CVE-2024-45710 | High | 7.8 | 2024-10-16 | SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. This requires a low privilege account and l… |
CVE-2022-47505 | High | 7.8 | 2023-04-21 | The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user a… |
CVE-2022-47506 | High | 7.8 | 2023-02-15 | SolarWinds Platform was susceptible to the Directory Traversal Vulnerability. This vulnerability allows a local adversary with authenticated account access to… |
CVE-2024-28996 | High | 7.5 | 2024-06-04 | The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability. |
CVE-2024-29003 | High | 7.5 | 2024-04-18 | The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication… |
CVE-2024-29001 | High | 7.5 | 2024-04-18 | A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This vulnerability requires authentication and user interaction to be… |
CVE-2023-23843 | High | 7.2 | 2023-07-26 | The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web… |
CVE-2023-33224 | High | 7.2 | 2023-07-26 | The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. This vulnerability allows users with administrative access to SolarWinds… |
CVE-2023-33225 | High | 7.2 | 2023-07-26 | The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web… |
CVE-2023-23844 | High | 7.2 | 2023-07-26 | The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web… |
CVE-2023-23836 | High | 7.2 | 2023-02-15 | SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Or… |