Cross-Site Scripting Vulnerabilities in SolarWinds Orion Network Performance Monitor
CVE-2012-2577

Currently unrated

Key Information:

Vendor

Solarwinds
Status
Orion Network Performance Monitor
Vendor
CVE Published:
12 August 2012

What is CVE-2012-2577?

SolarWinds Orion Network Performance Monitor versions prior to 10.3.1 are susceptible to multiple Cross-Site Scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web scripts or HTML into the application through manipulated input in the syslocation, syscontact, and sysName fields of the snmpd.conf file. Successful exploitation could lead to unauthorized access and manipulation of the user experience, potentially compromising sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.solarwinds.com/documentation/Orion/docs/Releas...
x_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/174119
third-party-advisoryx_refsource_CERT-VN
http://secunia.com/advisories/50004
third-party-advisoryx_refsource_SECUNIA

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.