Shodan
Vulnerabilities
Vulnerable Software
Solarwinds:  Security Vulnerabilities
CVE-2024-0692
The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution.
CVSS Score
8.8
EPSS Score
0.814
Published
2024-03-01
CVE-2024-23479
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution.
CVSS Score
9.6
EPSS Score
0.013
Published
2024-02-15
CVE-2024-23476
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
CVSS Score
9.6
EPSS Score
0.019
Published
2024-02-15
CVE-2024-23477
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution.
CVSS Score
7.9
EPSS Score
0.014
Published
2024-02-15
CVE-2024-23478
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution.
CVSS Score
8.0
EPSS Score
0.619
Published
2024-02-15
CVE-2023-40057
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution.
CVSS Score
9.0
EPSS Score
0.117
Published
2024-02-15
CVE-2023-35188
SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited.
CVSS Score
8.0
EPSS Score
0.01
Published
2024-02-06
CVE-2023-50395
SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited
CVSS Score
8.0
EPSS Score
0.01
Published
2024-02-06
CVE-2023-40058
Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-12-21
CVE-2023-40053
A vulnerability has been identified within Serv-U 15.4 that allows an authenticated actor to insert content on the file share function feature of Serv-U, which could be used maliciously.
CVSS Score
5.0
EPSS Score
0.001
Published
2023-12-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved