CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-35856
https://notcve.org/view.php?id=CVE-2020-35856
26 Mar 2021 — SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page. SolarWinds Orion Platform versiones anteriores a 2020.2.5, permite ataques de tipo XSS almacenado por un administrador en la página Customize View. • https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3109
https://notcve.org/view.php?id=CVE-2021-3109
26 Mar 2021 — The custom menu item options page in SolarWinds Orion Platform before 2020.2.5 allows Reverse Tabnabbing in the context of an administrator account. La página de opciones de elementos de menú personalizado en SolarWinds Orion Platform versiones anteriores a 2020.2.5, permite Tabnabbing inverso en el contexto de una cuenta de administrador. • https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-5_release_notes.htm •
CVSS: 9.0EPSS: 20%CPEs: 1EXPL: 0CVE-2020-27871 – SolarWinds Orion Platform NCM VulnerabilitySettings Directory Traversal Arbitrary File Creation Vulnerability
https://notcve.org/view.php?id=CVE-2020-27871
10 Feb 2021 — This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within VulnerabilitySettings.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute arbitrary code in the cont... • https://www.zerodayinitiative.com/advisories/ZDI-21-067 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2020-27870 – SolarWinds Orion Platform ExportToPDF Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-27870
10 Feb 2021 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform 2020.2.1. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. • https://www.zerodayinitiative.com/advisories/ZDI-21-066 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 9%CPEs: 1EXPL: 1CVE-2021-25274
https://notcve.org/view.php?id=CVE-2021-25274
03 Feb 2021 — The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon processing of such messages, the service deserializes them in insecure manner, allowing remote arbitrary code execution as LocalSystem. El Collector Service en SolarWinds Orion Platform versiones anteriores a 2020.2.4 u... • https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25275
https://notcve.org/view.php?id=CVE-2021-25275
03 Feb 2021 — SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login details from that file, including the login name and its associated password. Then, the credentials can be used to get database owner access to the SWNetPerfMon.DB database. This gives access to the data collected ... • https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.8EPSS: 97%CPEs: 3EXPL: 2CVE-2020-10148 – SolarWinds Orion Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-10148
29 Dec 2020 — The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected. La API Orion de SolarWinds es vulnerable a una omisión de autenticación que podría permitir a un atacante remoto e... • https://github.com/B1anda0/CVE-2020-10148 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-13169
https://notcve.org/view.php?id=CVE-2020-13169
17 Sep 2020 — Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account). Una vulnerabilidad de tipo XSS (Cross-Site Scripting) almacenado se presenta en SolarWinds Orion Platform versiones anteriores a 2020.2.1, en varios formularios y páginas. Esta vulnerabilidad puede conllevar a una divulgación de información y a una escalada... • https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-1_release_notes.htm#NewFeaturesOrion • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-12864
https://notcve.org/view.php?id=CVE-2019-12864
04 May 2020 — SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter. Orion Platform versión 2018.4 HF3 de SolarWinds (NPM versión 12.4, NetPath versión 1.1.4), es vulnerable a una Filtración de Información, debido al manejo inapropiado de errores con rastros de pila, como ... • https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-12863
https://notcve.org/view.php?id=CVE-2019-12863
25 Feb 2020 — SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen. SolarWinds Orion Platform versión 2018.4 HF3 (NPM versión 12.4, NetPath versión 1.1.4), permite una inyección HTML Almacenada por los administradores por medio de la pantalla Web Console Settings. • https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-12863-stored-html-injection-vulnerability-in-solarwinds-orion-platform-2018-4-hf3-npm-12-4-netpath-1-1-4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •