Solarwinds Network Configuration Manager

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor	Solarwinds	First view	2014-08-07
Product	Network Configuration Manager	Last view	2023-11-09
Version		Type	Application
Update
Edition
Language
Sofware Edition
Target Software
Target Hardware
Other

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name	Affected CVE
cpe:2.3:a:solarwinds:network_configuration_manager:7.2.0:::::::*	7
cpe:2.3:a:solarwinds:network_configuration_manager:7.2.1:::::::*	7
cpe:2.3:a:solarwinds:network_configuration_manager::::::::	7

Related : CVE

	Date	Alert	Description
8.8	2023-11-09	CVE-2023-40055	The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges.� We found this issue was not resolved in CVE-2023-33227
8.8	2023-11-09	CVE-2023-40054	The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges.� We found this issue was not resolved in CVE-2023-33226
4.9	2023-11-01	CVE-2023-33228	The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information.
8.8	2023-11-01	CVE-2023-33227	The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges.
8.8	2023-11-01	CVE-2023-33226	The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges.
6.5	2022-10-10	CVE-2021-35226	An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role.
6.8	2014-08-07	CVE-2014-3459	Heap-based buffer overflow in SolarWinds Network Configuration Manager (NCM) before 7.3 allows remote attackers to execute arbitrary code via the PEstrarg1 property.

CWE : Common Weakness Enumeration

%	id	Name
50% (1)	CWE-326	Inadequate Encryption Strength
50% (1)	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

Nessus® Vulnerability Scanner

id	Description
2014-05-12	Name: The remote web server hosts a web application affected by multiple vulnerabil... File: solarwinds_orion_npm_10_7.nasl - Type: ACT_GATHER_INFO

Copyright Security-Database 2006-2025 - Powered by themself ;) in 0.0185s

Facebook rss twitter linkedin mail