cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-47508,https://securityvulnerability.io/vulnerability/CVE-2022-47508,"Disable NTLM: SAM 2022.4 ","A configuration issue has been identified in SolarWinds products where polling configured to utilize Kerberos unexpectedly results in NTLM traffic being processed in the environment. This occurs because data queries are executed via IP address instead of properly utilizing the Kerberos protocol, leading to potential unauthorized access or data exposure. Users should closely review their configurations to ensure secure connectivity protocols are enforced, minimizing risks associated with this vulnerability.",Solarwinds,Server & Application Monitor (sam),7.5,HIGH,0.0014799999771639705,false,,false,false,false,,,false,false,,2023-02-15T00:00:00.000Z,0
CVE-2022-38106,https://securityvulnerability.io/vulnerability/CVE-2022-38106,"Cross-Site Scripting Vulnerability in Serv-U Web Client ","
This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function.  

",Solarwinds,Serv-u File Server,5.4,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2022-12-16T00:00:00.000Z,0
CVE-2021-35252,https://securityvulnerability.io/vulnerability/CVE-2021-35252,Common Key Vulnerability in Serv-U FTP Server,Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext.,Solarwinds,Serv-u Ftp Server,7.5,HIGH,0.0008200000156648457,false,,false,false,false,,,false,false,,2022-12-16T00:00:00.000Z,0
CVE-2021-35242,https://securityvulnerability.io/vulnerability/CVE-2021-35242,A valid CSRF token is present in response to an invalid request,Serv-U server responds with valid CSRFToken when the request contains only Session.,Solarwinds,Serv-u Server,8.3,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2021-12-06T16:53:22.000Z,0
CVE-2021-35237,https://securityvulnerability.io/vulnerability/CVE-2021-35237,Clickjacking Vulnerability,"A missing HTTP header (X-Frame-Options) in Kiwi Syslog Server has left customers vulnerable to click jacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a button or link, to another server in which they have an identical webpage. The attacker essentially hijacks the user activity intended for the original server and sends them to the other server. This is an attack on both the user and the server.",Solarwinds,Kiwi Syslog Server,4.3,MEDIUM,0.0007399999885819852,false,,false,false,false,,,false,false,,2021-10-29T14:15:00.000Z,0
CVE-2021-35231,https://securityvulnerability.io/vulnerability/CVE-2021-35231,Unquoted Path (SMB Login) Vulnerability,"As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path: ""Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Kiwi Syslog Server\Parameters\Application"".",Solarwinds,Kiwi Syslog Server,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-10-19T00:00:00.000Z,0
CVE-2021-35235,https://securityvulnerability.io/vulnerability/CVE-2021-35235,ASP.NET Debug Feature Enabled,"The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. Debug mode causes ASP.NET to compile applications with extra information. The information enables a debugger to closely monitor and control the execution of an application. If an attacker could successfully start a remote debugging session, this is likely to disclose sensitive information about the web application and supporting infrastructure that may be valuable in targeting SWI with malicious intent.",Solarwinds,Kiwi Syslog Server,5.3,MEDIUM,0.0018700000364333391,false,,false,false,false,,,false,false,,2021-10-19T00:00:00.000Z,0
CVE-2021-35233,https://securityvulnerability.io/vulnerability/CVE-2021-35233,HTTP TRACK & TRACE Methods Enabled,"The HTTP TRACK & TRACE methods were enabled in Kiwi Syslog Server 9.7.1 and earlier. These methods are intended for diagnostic purposes only. If enabled, the web server will respond to requests that use these methods by returning exact HTTP request that was received in the response to the client. This may lead to the disclosure of sensitive information such as internal authentication headers appended by reverse proxies.",Solarwinds,Kiwi Syslog Server,5.3,MEDIUM,0.0008500000112690032,false,,false,false,false,,,false,false,,2021-10-19T00:00:00.000Z,0
CVE-2021-35236,https://securityvulnerability.io/vulnerability/CVE-2021-35236,Missing Secure Flag From SSL Cookie,"The Secure flag is not set in the SSL Cookie of Kiwi Syslog Server 9.7.2 and previous versions. The Secure attribute tells the browser to only send the cookie if the request is being sent over a secure channel such as HTTPS. This will help protect the cookie from being passed over unencrypted requests. If the application can be accessed over both HTTP, there is a potential for the cookie can be sent in clear text.",Solarwinds,Kiwi Syslog Server,3.1,LOW,0.0008500000112690032,false,,false,false,false,,,false,false,,2021-10-14T00:00:00.000Z,0
CVE-2021-35211,https://securityvulnerability.io/vulnerability/CVE-2021-35211,Serv-U Remote Memory Escape Vulnerability,"Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability.",Solarwinds,Serv-u Managed File Transfer Server And Serv-u Secured Ftp,10,CRITICAL,0.9345800280570984,true,2021-11-03T00:00:00.000Z,false,true,true,2021-11-03T00:00:00.000Z,true,false,false,,2021-07-14T21:15:00.000Z,0
CVE-2020-22428,https://securityvulnerability.io/vulnerability/CVE-2020-22428,Cross Site Scripting in SolarWinds Serv-U Product,"The vulnerability in SolarWinds Serv-U allows malicious actors to inject JavaScript payloads through directory names specified by an admin. This Cross Site Scripting (XSS) issue could enable attackers to execute unauthorized scripts in the context of a user's session, potentially leading to data theft or session hijacking. Users of Serv-U versions prior to 15.1.6 Hotfix 3 should take immediate action to mitigate this risk.",Solarwinds,"Serv-u Ftp Server,Serv-u Mft Server",4.8,MEDIUM,0.0014600000577047467,false,,false,false,false,,,false,false,,2021-05-05T02:42:51.000Z,0
CVE-2021-25179,https://securityvulnerability.io/vulnerability/CVE-2021-25179,Cross Site Scripting in SolarWinds Serv-U Software,"SolarWinds Serv-U prior to version 15.2 is susceptible to an XSS vulnerability that occurs via the manipulation of the HTTP Host header. This security risk can potentially allow an attacker to execute malicious scripts in the context of an affected user's session, leading to unauthorized actions or data exposure. Users are advised to upgrade to a patched version to mitigate these security threats.",Solarwinds,Serv-u File Server,6.1,MEDIUM,0.0016400000313296914,false,,false,false,false,,,false,false,,2021-05-05T02:40:13.000Z,0
CVE-2020-15541,https://securityvulnerability.io/vulnerability/CVE-2020-15541,,SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution.,Solarwinds,Serv-u Ftp Server,9.8,CRITICAL,0.01221999991685152,false,,false,false,false,,,false,false,,2020-07-05T21:04:29.000Z,0
CVE-2020-15543,https://securityvulnerability.io/vulnerability/CVE-2020-15543,,SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path.,Solarwinds,Serv-u Ftp Server,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2020-07-05T21:04:16.000Z,0
CVE-2020-15542,https://securityvulnerability.io/vulnerability/CVE-2020-15542,,SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command.,Solarwinds,Serv-u Ftp Server,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2020-07-05T21:04:05.000Z,0
CVE-2019-19829,https://securityvulnerability.io/vulnerability/CVE-2019-19829,,"A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability than CVE-2018-19934 and CVE-2019-13182.",Solarwinds,Serv-u Ftp Server,5.4,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-12-18T17:15:19.000Z,0
CVE-2019-13182,https://securityvulnerability.io/vulnerability/CVE-2019-13182,,A stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7.,Solarwinds,Serv-u Ftp Server,5.4,MEDIUM,0.012849999591708183,false,,false,false,false,,,false,false,,2019-12-16T20:27:41.000Z,0
CVE-2019-13181,https://securityvulnerability.io/vulnerability/CVE-2019-13181,,A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7.,Solarwinds,Serv-u Ftp Server,6.5,MEDIUM,0.0024500000290572643,false,,false,false,false,,,false,false,,2019-12-16T20:26:41.000Z,0
CVE-2019-12181,https://securityvulnerability.io/vulnerability/CVE-2019-12181,,A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.,Solarwinds,"Serv-u Mft Server,Serv-u Ftp Server",8.8,HIGH,0.882889986038208,false,,false,false,true,2019-06-12T22:18:45.000Z,true,false,false,,2019-06-17T15:16:26.000Z,0
CVE-2018-19999,https://securityvulnerability.io/vulnerability/CVE-2018-19999,,"The local management interface in SolarWinds Serv-U FTP Server 15.1.6.25 has incorrect access controls that permit local users to bypass authentication in the application and execute code in the context of the Windows SYSTEM account, leading to privilege escalation. To exploit this vulnerability, an attacker must have local access the the host running Serv-U, and a Serv-U administrator have an active management console session.",Solarwinds,Serv-u Ftp Server,7.8,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2019-06-07T16:13:37.000Z,0
CVE-2018-19934,https://securityvulnerability.io/vulnerability/CVE-2018-19934,,SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting (XSS) in the Web management interface via URL path and HTTP POST parameter.,Solarwinds,Serv-u Ftp Server,4.8,MEDIUM,0.006310000084340572,false,,false,false,false,,,false,false,,2019-03-21T16:00:00.000Z,0
CVE-2018-15906,https://securityvulnerability.io/vulnerability/CVE-2018-15906,,SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.,Solarwinds,Serv-u Ftp Server,7.2,HIGH,0.024809999391436577,false,,false,false,false,,,false,false,,2019-03-21T16:00:00.000Z,0
CVE-2018-16792,https://securityvulnerability.io/vulnerability/CVE-2018-16792,,SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data.,Solarwinds,Sftp\/scp Server,9.1,CRITICAL,0.001610000035725534,false,,false,false,false,,,false,false,,2018-12-05T22:00:00.000Z,0
CVE-2018-16791,https://securityvulnerability.io/vulnerability/CVE-2018-16791,,"In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords for potentially privileged accounts. This also grants the attacker an ability to backdoor the server.",Solarwinds,Sftp\/scp Server,9.8,CRITICAL,0.001990000018849969,false,,false,false,false,,,false,false,,2018-12-05T22:00:00.000Z,0
CVE-2014-9566,https://securityvulnerability.io/vulnerability/CVE-2014-9566,,"Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) before 11.5, NetFlow Traffic Analyzer (NTA) before 4.1, Network Configuration Manager (NCM) before 7.3.2, IP Address Manager (IPAM) before 4.3, User Device Tracker (UDT) before 3.2, VoIP & Network Quality Manager (VNQM) before 4.2, Server & Application Manager (SAM) before 6.2, Web Performance Monitor (WPM) before 2.2, and possibly other Solarwinds products, allow remote authenticated users to execute arbitrary SQL commands via the (1) dir or (2) sort parameter to the (a) GetAccounts or (b) GetAccountGroups endpoint.",Solarwinds,"Orion Netflow Traffic Analyzer,Orion Web Performance Monitor,Orion Network Configuration Manager,Orion User Device Tracker,Orion Ip Address Manager,Orion Voip \& Network Quality Manager,Orion Server And Application Manager,Orion Network Performance Monitor",,,0.9467399716377258,false,,false,false,false,,,false,false,,2015-03-10T14:00:00.000Z,0