Show filters
291 Total Results
Displaying 61-70 of 291
Sort by:
Attacker Value
Unknown

CVE-2024-28073

Disclosure Date: April 17, 2024 (last updated February 11, 2025)
SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-0692

Disclosure Date: March 01, 2024 (last updated January 22, 2025)
The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-23479

Disclosure Date: February 15, 2024 (last updated February 21, 2024)
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-23478

Disclosure Date: February 15, 2024 (last updated February 21, 2024)
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution.
Attack Vector: Adjacent NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-23477

Disclosure Date: February 15, 2024 (last updated February 21, 2024)
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-23476

Disclosure Date: February 15, 2024 (last updated February 21, 2024)
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-40057

Disclosure Date: February 15, 2024 (last updated February 21, 2024)
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution.
Attack Vector: Adjacent NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-50395

Disclosure Date: February 06, 2024 (last updated February 14, 2024)
SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-35188

Disclosure Date: February 06, 2024 (last updated February 14, 2024)
SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-40058

Disclosure Date: December 21, 2023 (last updated January 05, 2024)
Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >