Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-40055 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | N/A | 8.0 HIGH |
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33227 | |||||
CVE-2023-40054 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | N/A | 8.0 HIGH |
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226 | |||||
CVE-2023-33228 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | N/A | 4.5 MEDIUM |
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information. | |||||
CVE-2023-33227 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | N/A | 8.0 HIGH |
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges. | |||||
CVE-2023-33226 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | N/A | 8.0 HIGH |
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. | |||||
CVE-2021-35226 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role. | |||||
CVE-2014-3459 | 1 Solarwinds | 1 Network Configuration Manager | 2024-11-21 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in SolarWinds Network Configuration Manager (NCM) before 7.3 allows remote attackers to execute arbitrary code via the PEstrarg1 property. |