CPE-C4237520-343D-4766-B91D-106BAA947F47 Détail

CPE Details

Solarwinds Serv-U 15.3

Vendor

solarwinds

Product

serv-u

Version

15.3

Created

2022-02-04
15h06 +00:00

Modifié

2022-05-03
11h01 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:solarwinds:serv-u:15.3:-::::::

Informations

Vendor

solarwinds

Product

serv-u

Version

15.3

Update

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2024-45711	2024-10-16 07h27 +00:00	SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability	8.8	Haute
CVE-2024-45714	2024-10-16 07h26 +00:00	Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ permissions can modify a variable with a payload.	4.8	Moyen
CVE-2024-28995	2024-06-06 09h01 +00:00	SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.	8.6	Haute
CVE-2024-28072	2024-05-03 07h50 +00:00	A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly.	5.7	Moyen
CVE-2024-28073	2024-04-17 16h58 +00:00	SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited.	8.4	Haute
CVE-2023-23841	2023-06-14 22h00 +00:00	SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.  Part of the URL of the request discloses sensitive data.	7.5	Haute
CVE-2021-35252	2022-12-15 23h00 +00:00	Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext.	7.5	Haute
CVE-2021-35249	2022-05-17 19h44 +00:00	This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read only operation). This UAC issue leads to a data leak to unauthorized users for a domain, with no log of them accessing the data unless they attempt to modify it. This read-only activity is logged to the original domain and does not specify which domain was accessed.	4.3	Moyen
CVE-2021-35250	2022-04-25 19h47 +00:00	A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.	7.5	Haute

Solarwinds Serv-U 15.3

CPE Details

CPE Name: cpe:2.3:a:solarwinds:serv-u:15.3:-:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:solarwinds:serv-u:15.3:-::::::