Solarwinds Orion Web Performance Monitor — known CVE vulnerabilities
Every CVE whose affected-product data names Solarwinds Orion Web Performance Monitor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2020-14005 — CVSS 8.8 (high): Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute arbitrary…
CVE-2014-9566 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform…
CVE-2020-14006 — CVSS 5.4 (medium): Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team.
CVE-2020-14007 — CVSS 5.4 (medium): Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition.