Solarwinds Security Event Manager vulnerabilities
4 known vulnerabilities affecting solarwinds/security_event_manager.
Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2024-0692P1HIGHCVSS 8.8ExploitedPoCfixed in 2023.4.1v2023.4 and previous versions 2024-03-01
CVE-2024-0692 [HIGH] CWE-502 CVE-2024-0692: The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This v
The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution.
nvd
CVE-2022-38114P4MEDIUMCVSS 6.1fixed in 2022.42022-11-23
CVE-2022-38114 [MEDIUM] CWE-79 CVE-2022-38114: This vulnerability occurs when a web server fails to correctly process the Content-Length of POST re
This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.
nvd
CVE-2022-38115P4MEDIUMCVSS 5.3fixed in 2022.22022-11-23
CVE-2022-38115 [MEDIUM] CWE-650 CVE-2022-38115: Insecure method vulnerability in which allowed HTTP methods are disclosed. E.g., OPTIONS, DELETE, TR
Insecure method vulnerability in which allowed HTTP methods are disclosed. E.g., OPTIONS, DELETE, TRACE, and PUT
nvd
CVE-2022-38113P4MEDIUMCVSS 5.3v2022.42022-11-23
CVE-2022-38113 [MEDIUM] CWE-200 CVE-2022-38113: This vulnerability discloses build and services versions in the server response header.
This vulnerability discloses build and services versions in the server response header.
nvd