目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

SolarWinds 厂商漏洞列表 / CVE 中文分析 166

SolarWinds 厂商相关 166 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

SolarWinds 主要提供 IT 基础设施监控与管理软件,其核心产品 Orion 平台广泛用于企业网络运维。历史漏洞多涉及远程代码执行、身份验证绕过及 SQL 注入,累计收录 166 条 CVE。2020 年爆发的供应链攻击事件尤为瞩目,攻击者通过篡改软件更新植入恶意代码,导致全球数千家机构数据泄露,凸显了第三方组件信任链的安全风险,促使行业加强软件供应链审查机制。

上位製品 SolarWinds: Access Rights Manager SolarWinds Platform Orion Platform Web Help Desk Serv-U SolarWinds Observability Self-Hosted Kiwi Syslog Server Patch Manager Database Performance Analyzer Network Configuration Manager Network Performance Monitor Database Performance Analyzer (DPA) ServU SolarWinds Platform Kiwi CatTools SolarWinds SolarWinds Serv-U DPA Kiwi Syslog NG Service Desk Hybrid Cloud Observability (HCO)/ SolarWinds Platform Server & Application Monitor (SAM) Dameware Mini Remote Control Service Observability Self-Hosted SQL Sentry Serv-U File Server WebHelpDesk Serv-U FTP Server Orion Engineer's Toolset
CVE IDタイトルCVSS深刻度公開日
CVE-2021-35239 Stored XSS in Maps text box hyperlink Vulnerability — Orion PlatformCWE-79 7.5 High2021-08-31
CVE-2021-35222 Resource.aspx Reflected Cross-Site Scripting Vulnerability — Orion PlatformCWE-79 8.0 High2021-08-31
CVE-2021-35221 ImportAlert Improper Access Control Tampering Vulnerability — Orion PlatformCWE-284 6.3 Medium2021-08-31
CVE-2021-35220 EmailWebPage Command Injection RCE — Orion Platform 8.1 High2021-08-31
CVE-2021-35219 ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability — Orion Platform 6.0 Medium2021-08-31
CVE-2021-32076 Access Restriction bypass vulnerability via referrer spoof - Business Logic Bypass — Web Help DeskCWE-290 5.3 Medium2021-08-26
CVE-2021-35211 Serv-U Remote Memory Escape Vulnerability — Serv-U Managed File Transfer Server and Serv-U Secured FTP 9.0 Critical2021-07-14
CVE-2021-31474 SolarWinds Network Performance Monitor 代码问题漏洞 — Network Performance MonitorCWE-502 9.8 -2021-05-21
CVE-2021-31475 SolarWinds Orion Job Scheduler 安全漏洞 — Orion Job SchedulerCWE-732 8.8 -2021-05-21
CVE-2021-27277 Solarwinds Orion Virtual Infrastructure Monitor 代码问题漏洞 — Orion Virtual Infrastructure MonitorCWE-502 7.8 -2021-04-22
CVE-2021-27258 Solarwinds Orion Platform 安全漏洞 — Orion PlatformCWE-284 9.8 -2021-04-14
CVE-2021-27240 solarwinds Patch Manager 代码问题漏洞 — Patch ManagerCWE-502 7.8 -2021-03-29
CVE-2020-27869 SolarWinds Network Performance Monitor SQL注入漏洞 — Network Performance MonitorCWE-89 8.8 -2021-02-11
CVE-2020-27871 Solarwinds SolarWinds Orion Platform 路径遍历漏洞 — Orion PlatformCWE-22 8.8 -2021-02-10
CVE-2020-27870 Solarwinds SolarWinds Orion Platform 路径遍历漏洞 — Orion PlatformCWE-22 6.5 -2021-02-10
CVE-2020-10148 SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands — Orion PlatformCWE-288 9.8 -2020-12-29

本页汇总了 SolarWinds 厂商截至目前公开的全部 166 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。