SolarWinds Network Performance Monitor 12.0.15300.90

CPE Details

SolarWinds Network Performance Monitor 12.0.15300.90
solarwinds
network_performance_monitor
12.0.15300.90
2019-09-06
16h07 +00:00
2019-09-06
16h07 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:solarwinds:network_performance_monitor:12.0.15300.90:*:*:*:*:*:*:*

Informations

Vendor

solarwinds

Product

network_performance_monitor

Version

12.0.15300.90

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-35225 2021-10-21 17h39 +00:00 Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination.
6.4
Medium
CVE-2018-13442 2019-07-16 15h56 +00:00 SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter.
8.8
High
CVE-2017-9537 2017-10-02 12h00 +00:00 Persistent cross-site scripting (XSS) in the Add Node function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to introduce arbitrary JavaScript into various vulnerable parameters.
4.8
Medium
CVE-2017-9538 2017-10-02 12h00 +00:00 The 'Upload logo from external path' function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to cause a denial of service (permanent display of a "Cannot exit above the top directory" error message throughout the entire web application) via a ".." in the path field. In other words, the denial of service is caused by an incorrect implementation of a directory-traversal protection mechanism.
4.9
Medium