NotCVE - vendor:"SolarWinds"

Page 3 of 290 results (0.006 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-23465 – SolarWinds Access Rights Manager (ARM) ChangeHumster Exposed Dangerous Method Authentication Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2024-23465

17 Jul 2024 — The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. This vulnerability allows an unauthenticated user to gain domain admin access within the Active Directory environment. Se descubrió que SolarWinds Access Rights Manager era susceptible a una vulnerabilidad de omisión de autenticación. Esta vulnerabilidad permite que un usuario no autenticado obtenga acceso de administrador de dominio dentro del entorno de Active Directory. This vulnerability allows re... • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-287: Improper Authentication •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-23469 – SolarWinds Access Rights Manager Exposed Dangerous Method Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2024-23469

17 Jul 2024 — SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges. SolarWinds Access Rights Manager (ARM) es susceptible a una vulnerabilidad de ejecución remota de código. Si se explota, esta vulnerabilidad permite que un usuario no autenticado realice acciones con privilegios de SYSTEM. This vulnerability allows remote attackers to execute arbitrary code on affected i... • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-23475 – SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2024-23475

17 Jul 2024 — The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. SolarWinds Access Rights Manager era susceptible a una vulnerabilidad de divulgación de información y Directory Traversal. Esta vulnerabilidad permite que un usuario no autenticado realice una eliminación arbitraria de archivos y filtre información confidencial. This vulnera... • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-23472 – SolarWinds Access Rights Manager Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2024-23472

17 Jul 2024 — SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM. SolarWinds Access Rights Manager (ARM) es susceptible a la vulnerabilidad de directory traversal. Esta vulnerabilidad permite a un usuario autenticado leer y eliminar archivos arbitrariamente en ARM. This vulnerability allows remote attackers to read and delete arbitrary files on affected installations of SolarWinds Access Righ... • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.7EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-28993 – SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2024-28993

17 Jul 2024 — The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. SolarWinds Access Rights Manager era susceptible a una vulnerabilidad de divulgación de información y Directory Traversal. Esta vulnerabilidad permite que un usuario no autenticado realice una eliminación arbitraria de archivos y filtre información confidencial. • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.7EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-28992 – SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2024-28992

CVSS: 9.7EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-23468 – SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2024-23468

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-23474 – SolarWinds Access Rights Manager (ARM) deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2024-23474

17 Jul 2024 — The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability. Se descubrió que SolarWinds Access Rights Manager era susceptible a una vulnerabilidad de eliminación arbitraria de archivos y divulgación de información. This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulner... • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.6EPSS: 97%CPEs: 3EXPL: 10

CVE-2024-28995 – SolarWinds Serv-U Path Traversal Vulnerability

https://notcve.org/view.php?id=CVE-2024-28995

06 Jun 2024 — SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. SolarWinds Serv-U era susceptible a una vulnerabilidad directory transversal que permitiría el acceso para leer archivos confidenciales en la máquina host. SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine. • https://packetstorm.news/files/id/180707 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-29004 – SolarWinds Platform Stored XSS Vulnerability

https://notcve.org/view.php?id=CVE-2024-29004

04 Jun 2024 — The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability. Se determinó que la plataforma SolarWinds estaba afectada por una vulnerabilidad de cross-site scripting almacenado que afectaba a la consola web. Se requiere un usuario con altos privilegios y la interacción del usuario para aprovechar esta vulnerabilidad. • https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2024-2_release_notes.htm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2 3 4 5