SolarWinds Database Performance Analyzer (DPA) 2021.3.7388

CPE Details

SolarWinds Database Performance Analyzer (DPA) 2021.3.7388
solarwinds
database_performance_analyzer
2021.3.7388
2021-10-25
11h06 +00:00
2021-11-03
18h22 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:solarwinds:database_performance_analyzer:2021.3.7388:*:*:*:*:*:*:*

Informations

Vendor

solarwinds

Product

database_performance_analyzer

Version

2021.3.7388

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-33231 2023-07-18 16h50 +00:00 XSS attack was possible in DPA 2023.2 due to insufficient input validation
6.1
Moyen
CVE-2023-23837 2023-04-25 00h00 +00:00 No exception handling vulnerability which revealed sensitive or excessive information to users.
7.5
Haute
CVE-2023-23838 2023-04-25 00h00 +00:00 Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server.
6.5
Moyen
CVE-2022-38110 2023-01-19 23h00 +00:00 In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting.
5.4
Moyen
CVE-2022-38112 2023-01-19 23h00 +00:00 In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in cleartext.
7.5
Haute
CVE-2021-35229 2022-04-21 18h18 +00:00 Cross-site scripting vulnerability is present in Database Performance Monitor 2022.1.7779 and previous versions when using a complex SQL query
6.8
Moyen
CVE-2021-35228 2021-10-21 17h43 +00:00 This vulnerability occurred due to missing input sanitization for one of the output fields that is extracted from headers on specific section of page causing a reflective cross site scripting attack. An attacker would need to perform a Man in the Middle attack in order to change header for a remote victim.
5.5
Moyen