SolarWinds Network Performance Monitor 2020.2.1

CPE Details

SolarWinds Network Performance Monitor 2020.2.1
solarwinds
network_performance_monitor
2020.2.1
2021-02-16
14h55 +00:00
2021-08-09
13h41 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:solarwinds:network_performance_monitor:2020.2.1:*:*:*:*:*:*:*

Informations

Vendor

solarwinds

Product

network_performance_monitor

Version

2020.2.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-35225 2021-10-21 17h39 +00:00 Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination.
6.4
Medium
CVE-2021-31474 2021-05-21 12h40 +00:00 This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor 2020.2.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SolarWinds.Serialization library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-12213.
9.8
Critical