目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

SolarWinds 厂商漏洞列表 / CVE 中文分析 166

SolarWinds 厂商相关 166 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

SolarWinds 主要提供 IT 基础设施监控与管理软件,其核心产品 Orion 平台广泛用于企业网络运维。历史漏洞多涉及远程代码执行、身份验证绕过及 SQL 注入,累计收录 166 条 CVE。2020 年爆发的供应链攻击事件尤为瞩目,攻击者通过篡改软件更新植入恶意代码,导致全球数千家机构数据泄露,凸显了第三方组件信任链的安全风险,促使行业加强软件供应链审查机制。

上位製品 SolarWinds: Access Rights Manager SolarWinds Platform Orion Platform Web Help Desk Serv-U SolarWinds Observability Self-Hosted Kiwi Syslog Server Patch Manager Database Performance Analyzer Network Configuration Manager Network Performance Monitor Database Performance Analyzer (DPA) ServU SolarWinds Platform Kiwi CatTools SolarWinds SolarWinds Serv-U DPA Kiwi Syslog NG Service Desk Hybrid Cloud Observability (HCO)/ SolarWinds Platform Server & Application Monitor (SAM) Dameware Mini Remote Control Service Observability Self-Hosted SQL Sentry Serv-U File Server WebHelpDesk Serv-U FTP Server Orion Engineer's Toolset
CVE IDタイトルCVSS深刻度公開日
CVE-2024-23473 SolarWinds Access Rights Manager (ARM) Hard-Coded Credentials Authentication Bypass Vulnerability — Access Rights ManagerCWE-798 8.6 High2024-05-09
CVE-2024-28075 SolarWinds ARM Deserialization of Untrusted Data Remote Code Execution — Access Rights ManagerCWE-502 9.0 Critical2024-05-09
CVE-2024-28073 SolarWinds Serv-U Directory Traversal Remote Code Execution Vulnerability — ServUCWE-22 8.4 High2024-04-17
CVE-2023-40057 SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution — Access Rights ManagerCWE-502 9.0 Critical2024-02-15
CVE-2024-23477 SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 7.9 High2024-02-15
CVE-2024-23476 SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-02-15
CVE-2024-23478 SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution — Access Rights ManagerCWE-502 8.0 High2024-02-15
CVE-2024-23479 SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 9.6 Critical2024-02-15
CVE-2023-40058 Sensitive Information Disclosure Vulnerability — Access Rights ManagerCWE-200 6.5 Medium2023-12-21
CVE-2023-40053 HTML injection Vulnerability in Serv-U 15.4 — Serv-UCWE-20 5.0 Medium2023-12-06
CVE-2023-33228 SolarWinds Network Configuration Manager Sensitive Information Disclosure Vulnerability — Network Configuration ManagerCWE-311 4.5 Medium2023-11-01
CVE-2023-35181 SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability — Access Rights ManagerCWE-276 7.8 High2023-10-19
CVE-2023-35187 SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 8.8 High2023-10-19
CVE-2023-35185 SolarWinds Access Rights Manager OpenFile Directory Traversal Remote Code Execution Vulnerability — Access Rights ManagerCWE-22 6.8 Medium2023-10-19
CVE-2023-35183 SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability — Access Rights ManagerCWE-276 7.8 High2023-10-19
CVE-2023-35180 SolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability — Access Rights ManagerCWE-502 8.0 High2023-10-19
CVE-2023-35182 SolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability — Access Rights ManagerCWE-502 8.8 High2023-10-19
CVE-2023-35184 SolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability — Access Rights ManagerCWE-502 8.8 High2023-10-19
CVE-2023-35186 SolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability — Access Rights ManagerCWE-502 8.0 High2023-10-19
CVE-2023-23845 SolarWinds Platform Exposed Dangerous Method Vulnerability — SolarWinds PlatformCWE-697 6.8 Medium2023-09-13
CVE-2023-23840 SolarWinds Platform Exposed Dangerous Method Vulnerability — SolarWinds PlatformCWE-697 6.8 Medium2023-09-13
CVE-2023-23842 SolarWinds Network Configuration Manager Directory Traversal Vulnerability — Network Configuration ManagerCWE-22 7.2 High2023-07-26
CVE-2023-33229 SolarWinds Platform Incorrect Input Neutralization Vulnerability — SolarWinds PlatformCWE-94 3.5 Low2023-07-26
CVE-2023-23843 SolarWinds Platform Incorrect Comparison Vulnerability — SolarWinds PlatformCWE-697 7.2 High2023-07-26
CVE-2023-33224 SolarWinds Platform Incorrect Behavior Order Vulnerability — SolarWinds PlatformCWE-696 7.2 High2023-07-26
CVE-2023-33225 SolarWinds Platform Deserialization of Untrusted Data Vulnerability — SolarWinds PlatformCWE-697 7.2 High2023-07-26
CVE-2023-23844 SolarWinds Platform Incomplete List of Disallowed Inputs Vulnerability — SolarWinds PlatformCWE-184 7.2 High2023-07-26
CVE-2023-33231 XSS in SolarWinds Database Performance Analyzer 2023.2 — DPACWE-79 6.1 Medium2023-07-18
CVE-2023-23841 SolarWinds Serv-U Exposure of Sensitive Information Vulnerability — ServUCWE-319 7.5 High2023-06-15
CVE-2023-23839 SolarWinds Platform Exposure of Sensitive Information Vulnerability — SolarWinds PlatformCWE-200 6.5 Medium2023-04-25

本页汇总了 SolarWinds 厂商截至目前公开的全部 166 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。