Solarwinds: >> Network Performance Monitor >> 12.1 Security Vulnerabilities
Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination.
CVSS Score
5.0
EPSS Score
0.017
Published
2021-10-21
SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter.
CVSS Score
8.8
EPSS Score
0.007
Published
2019-07-16