Solarwinds Netpath vulnerabilities
2 known vulnerabilities affecting solarwinds/netpath.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2019-12864P4MEDIUMCVSS 5.5v1.1.42020-05-04
CVE-2019-12864 [MEDIUM] CWE-209 CVE-2019-12864: SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage,
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter.
nvd
CVE-2019-12863P4MEDIUMCVSS 4.8v1.1.42020-02-25
CVE-2019-12863 [MEDIUM] CWE-79 CVE-2019-12863: SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by admin
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.
nvd