Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SolarWinds — Vulnerabilities & Security Advisories 166

Browse all 166 CVE security advisories affecting SolarWinds. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SolarWinds provides IT management and monitoring software, primarily serving enterprise networks through its Orion platform. Historically, its applications have exhibited vulnerabilities typical of complex enterprise suites, including remote code execution, cross-site scripting, and privilege escalation flaws. These weaknesses often stem from intricate integration points and legacy codebases. The most significant security incident occurred in 2020, when a supply chain attack compromised the software’s update mechanism, allowing threat actors to insert malicious code into legitimate updates. This breach affected numerous government agencies and private corporations, exposing sensitive data and compromising network integrity. The incident highlighted critical risks in software supply chains and led to widespread scrutiny of the company’s development and security practices. Consequently, SolarWinds has implemented stricter security controls and transparency measures to restore trust and mitigate future risks associated with its widely deployed infrastructure tools.

Found 32 results / 166Clear Filters
Top products by SolarWinds: Access Rights Manager SolarWinds Platform Orion Platform Web Help Desk Serv-U SolarWinds Observability Self-Hosted Kiwi Syslog Server Patch Manager Database Performance Analyzer Network Configuration Manager Network Performance Monitor Database Performance Analyzer (DPA) ServU SolarWinds Platform Kiwi CatTools SolarWinds SolarWinds Serv-U DPA Kiwi Syslog NG Service Desk Hybrid Cloud Observability (HCO)/ SolarWinds Platform Server & Application Monitor (SAM) Dameware Mini Remote Control Service Observability Self-Hosted SQL Sentry Serv-U File Server WebHelpDesk Serv-U FTP Server Orion Engineer's Toolset
CVE IDTitleCVSSSeverityPublished
CVE-2024-28991 SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution — Access Rights ManagerCWE-502 9.0 Critical2024-09-12
CVE-2024-28990 SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability — Access Rights ManagerCWE-798 6.3 Medium2024-09-12
CVE-2024-23471 SolarWinds Access Rights Manager (ARM) CreateFile Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-287 9.6 Critical2024-07-17
CVE-2024-23470 SolarWinds Access Rights Manager (ARM) UserScriptHumster Exposed Dangerous Method Remote Command Execution Vulnerability — Access Rights ManagerCWE-287 9.6 Critical2024-07-17
CVE-2024-28074 SolarWinds Access Rights Manager (ARM) Internal Deserialization Remote Code Execution Vulnerability — Access Rights ManagerCWE-502 9.6 Critical2024-07-17
CVE-2024-23467 SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-07-17
CVE-2024-23466 SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-07-17
CVE-2024-23465 SolarWinds Access Rights Manager (ARM) ChangeHumster Exposed Dangerous Method Authentication Bypass Vulnerability — Access Rights ManagerCWE-287 8.3 High2024-07-17
CVE-2024-23469 SolarWinds Access Rights Manager Exposed Dangerous Method Remote Code Execution Vulnerability — Access Rights ManagerCWE-20 9.6 Critical2024-07-17
CVE-2024-23475 SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-07-17
CVE-2024-23472 SolarWinds Access Rights Manager Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-07-17
CVE-2024-28993 SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability — Access Rights ManagerCWE-22 7.6 High2024-07-17
CVE-2024-28992 SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability — Access Rights ManagerCWE-287 7.6 High2024-07-17
CVE-2024-23468 SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability — Access Rights ManagerCWE-22 7.6 High2024-07-17
CVE-2024-23474 SolarWinds Access Rights Manager (ARM) deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability — Access Rights ManagerCWE-22 7.6 High2024-07-17
CVE-2024-23473 SolarWinds Access Rights Manager (ARM) Hard-Coded Credentials Authentication Bypass Vulnerability — Access Rights ManagerCWE-798 8.6 High2024-05-09
CVE-2024-28075 SolarWinds ARM Deserialization of Untrusted Data Remote Code Execution — Access Rights ManagerCWE-502 9.0 Critical2024-05-09
CVE-2023-40057 SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution — Access Rights ManagerCWE-502 9.0 Critical2024-02-15
CVE-2024-23477 SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 7.9 High2024-02-15
CVE-2024-23476 SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-02-15
CVE-2024-23478 SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution — Access Rights ManagerCWE-502 8.0 High2024-02-15
CVE-2024-23479 SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-02-15
CVE-2023-40058 Sensitive Information Disclosure Vulnerability — Access Rights ManagerCWE-200 6.5 Medium2023-12-21
CVE-2023-35181 SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability — Access Rights ManagerCWE-276 7.8 High2023-10-19
CVE-2023-35187 SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 8.8 High2023-10-19
CVE-2023-35185 SolarWinds Access Rights Manager OpenFile Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 6.8 Medium2023-10-19
CVE-2023-35183 SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability — Access Rights ManagerCWE-276 7.8 High2023-10-19
CVE-2023-35180 SolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability — Access Rights ManagerCWE-502 8.0 High2023-10-19
CVE-2023-35182 SolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability — Access Rights ManagerCWE-502 8.8 High2023-10-19
CVE-2023-35184 SolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability — Access Rights ManagerCWE-502 8.8 High2023-10-19

This page lists every published CVE security advisory associated with SolarWinds. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.