SolarWinds Serv-U 15.3.2

CPE Details

SolarWinds Serv-U 15.3.2
solarwinds
serv-u
15.3.2
2022-12-19
15h17 +00:00
2022-12-19
16h18 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:solarwinds:serv-u:15.3.2:*:*:*:*:*:*:*

Informations

Vendor

solarwinds

Product

serv-u

Version

15.3.2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-45711 2024-10-16 07h27 +00:00 SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability
8.8
Haute
CVE-2024-45714 2024-10-16 07h26 +00:00 Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ permissions can modify a variable with a payload.
4.8
Moyen
CVE-2024-28995 2024-06-06 09h01 +00:00 SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
8.6
Haute
CVE-2024-28072 2024-05-03 07h50 +00:00 A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly.
5.7
Moyen
CVE-2024-28073 2024-04-17 16h58 +00:00 SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited.
8.4
Haute
CVE-2023-23841 2023-06-14 22h00 +00:00 SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.  Part of the URL of the request discloses sensitive data. 
7.5
Haute