SolarWinds Vulnerabilities

Timeline

Type

Product

SolarWinds Orion Platform: 34
SolarWinds Platform: 32
SolarWinds Serv-U: 27
SolarWinds Access Rights Manager: 14
SolarWinds Serv-U FTP Server: 14

Countermeasures

Official Fix: 171
Temporary Fix: 0
Workaround: 0
Unavailable: 1
Not Defined: 75

Exploitability

High: 11
Functional: 0
Proof-of-Concept: 13
Unproven: 5
Not Defined: 218

Access Vector

Not Defined: 0
Physical: 1
Local: 18
Adjacent: 57
Network: 171

Authentication

Not Defined: 0
High: 40
Low: 101
None: 106

User Interaction

Not Defined: 0
Required: 61
None: 186

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 3
≤4: 25
≤5: 38
≤6: 47
≤7: 47
≤8: 49
≤9: 25
≤10: 13

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 3
≤4: 27
≤5: 46
≤6: 44
≤7: 54
≤8: 36
≤9: 26
≤10: 11

VulDB

≤1: 0
≤2: 3
≤3: 15
≤4: 34
≤5: 43
≤6: 47
≤7: 29
≤8: 52
≤9: 15
≤10: 9

NVD

≤1: 0
≤2: 0
≤3: 0
≤4: 1
≤5: 14
≤6: 16
≤7: 15
≤8: 32
≤9: 22
≤10: 20

CNA

≤1: 0
≤2: 0
≤3: 1
≤4: 6
≤5: 13
≤6: 9
≤7: 20
≤8: 29
≤9: 18
≤10: 2

Vendor

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Research

≤1: 0
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

Exploit 0-day

<1k: 51
<2k: 115
<5k: 80
<10k: 0
<25k: 0
<50k: 1
<100k: 0
≥100k: 0

Exploit Today

<1k: 236
<2k: 8
<5k: 2
<10k: 1
<25k: 0
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

🔴 CTI Activities

Affected Products (59): ARM (1), Access Rights Manager (14), Advanced Monitoring Agent (1), Application Monitor (2), Backup Profiler (1), DPA (3), DameWare Mini Remote Control (4), DameWare Remote Mini Control (3), DameWare Remote Support (1), Dameware (1), Dameware Mini Remote Client Agent (1), Dameware Remote Mini Controller (1), Database Performance (1), Database Performance Analyzer (4), Database Performance Monitor (1), ETS (1), Event Manager (3), Event Manager (3), FTP Voyager (1), Firewall Security Manager (1), Kiwi CatTools (1), Kiwi Syslog Server (5), LEM (2), Log (3), Log (3), MSP PME Cache Service (1), N-Able N-Central (1), N-Central (3), N-central (6), Network Configuration Manager (8), Network Performance Monitor (9), Orion (5), Orion Job Scheduler (1), Orion NPM (1), Orion Network Management (1), Orion Network Performance Monitor (5), Orion Platform (34), Orion Virtual Infrastructure Monitor (1), Patch Manager (3), Platform (32), Product (1), SEM (3), SFTP SCP Server (2), SQL Sentry (1), Security Event Manager (1), Serv-U (27), Serv-U Console (1), Serv-U FTP Server (14), Serv-U File Server (5), Serv-U MFT (1), Serv-U Managed File Transfer (2), Server (2), Storage Manager (4), Storage Profiler (1), Storage Resource Monitor (1), TFTP Server (6), Virtualization Manager (3), WebHelpDesk (2), Web Help Desk (12)

Link to Vendor Website: https://www.solarwinds.com/

| Published | Base | Temp | Vulnerability | Prod | Exp | Con | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 2024-04-18 | 6.2 | 6.2 | SolarWinds Platform SWQL sql injection | Unknown | Not Defined | Not Defined | 0.00043 | 0.00 | CVE-2024-29001 |
| 2024-04-18 | 5.5 | 5.5 | SolarWinds Platform Maps Section cross site scripting | Unknown | Not Defined | Not Defined | 0.00043 | 0.00 | CVE-2024-29003 |
| 2024-04-18 | 4.8 | 4.8 | SolarWinds Platform URL Parameter Redirect | Unknown | Not Defined | Not Defined | 0.00075 | 0.00 | CVE-2024-28076 |
| 2024-04-17 | 6.5 | 6.5 | SolarWinds Serv-U directory traversal | File Transfer Software | Not Defined | Not Defined | 0.00044 | 0.05 | CVE-2024-28073 |
| 2024-03-01 | 9.3 | 9.1 | SolarWinds Security Event Manager Service privilege escalation | Unknown | Not Defined | Official Fix | 0.00057 | 0.05 | CVE-2024-0692 |
| 2024-02-15 | 9.2 | 9.2 | SolarWinds Access Rights Manager directory traversal | Unknown | Not Defined | Not Defined | 0.00129 | 0.04 | CVE-2024-23479 |
| 2024-02-15 | 8.4 | 8.4 | SolarWinds Access Rights Manager Service privilege escalation | Unknown | Not Defined | Not Defined | 0.00051 | 0.03 | CVE-2024-23478 |
| 2024-02-15 | 8.8 | 8.8 | SolarWinds Access Rights Manager directory traversal | Unknown | Not Defined | Not Defined | 0.00183 | 0.05 | CVE-2024-23477 |
| 2024-02-15 | 9.2 | 9.2 | SolarWinds Access Rights Manager directory traversal | Unknown | Not Defined | Not Defined | 0.00183 | 0.03 | CVE-2024-23476 |
| 2024-02-15 | 8.9 | 8.9 | SolarWinds Access Rights Manager Service privilege escalation | Unknown | Not Defined | Not Defined | 0.00051 | 0.02 | CVE-2023-40057 |
| 2024-02-06 | 7.4 | 7.4 | SolarWinds Platform UPDATE Statement sql injection | Unknown | Not Defined | Official Fix | 0.00113 | 0.02 | CVE-2023-50395 |
| 2024-02-06 | 7.4 | 7.4 | SolarWinds Platform sql injection | Unknown | Not Defined | Official Fix | 0.00113 | 0.05 | CVE-2023-35188 |
| 2023-12-22 | 6.9 | 6.8 | SolarWinds Access Rights Manager Environment privilege escalation | Unknown | Not Defined | Official Fix | 0.00090 | 0.00 | CVE-2023-40058 |
| 2023-12-06 | 5.3 | 5.2 | SolarWinds Serv-U File Share privilege escalation | File Transfer Software | Not Defined | Official Fix | 0.00045 | 0.04 | CVE-2023-40053 |
| 2023-11-28 | 7.4 | 7.4 | SolarWinds Platform sql injection | Unknown | Not Defined | Official Fix | 0.00073 | 0.03 | CVE-2023-40056 |
| 2023-11-09 | 8.3 | 8.1 | SolarWinds Network Configuration Manager directory traversal | Unknown | Not Defined | Official Fix | 0.00207 | 0.02 | CVE-2023-40055 |
| 2023-11-09 | 8.3 | 8.1 | SolarWinds Network Configuration Manager directory traversal | Unknown | Not Defined | Official Fix | 0.00223 | 0.04 | CVE-2023-40054 |
| 2023-11-01 | 7.0 | 7.0 | SolarWinds Platform Job Execution privilege escalation | Unknown | Not Defined | Not Defined | 0.00109 | 0.00 | CVE-2023-40061 |
| 2023-11-01 | 3.9 | 3.9 | SolarWinds Network Configuration Manager weak encryption | Unknown | Not Defined | Official Fix | 0.00049 | 0.02 | CVE-2023-33228 |
| 2023-11-01 | 8.3 | 8.1 | SolarWinds Platform privilege escalation | Unknown | Not Defined | Official Fix | 0.00194 | 0.00 | CVE-2023-40062 |
| 2023-11-01 | 8.3 | 8.1 | SolarWinds Network Configuration Manager directory traversal | Unknown | Not Defined | Official Fix | 0.00771 | 0.00 | CVE-2023-33227 |
| 2023-11-01 | 8.3 | 8.1 | SolarWinds Network Configuration Manager directory traversal | Unknown | Not Defined | Official Fix | 0.00771 | 0.00 | CVE-2023-33226 |
| 2023-10-19 | 8.3 | 8.1 | SolarWinds Access Rights Manager directory traversal | Unknown | Not Defined | Official Fix | 0.00093 | 0.02 | CVE-2023-35185 |
| 2023-10-19 | 9.1 | 9.0 | SolarWinds Access Rights Manager ARM Server privilege escalation | Unknown | Not Defined | Official Fix | 0.03447 | 0.04 | CVE-2023-35182 |
| 2023-10-19 | 8.3 | 8.1 | SolarWinds Access Rights Manager ARM API privilege escalation | Unknown | Not Defined | Official Fix | 0.01155 | 0.00 | CVE-2023-35180 |

222 more entries are not shown
