Cross-site scripting vulnerability in SolarWinds Orion Network Performance Monitor
CVE-2012-4939

Currently unrated

Key Information:

Vendor: Solarwinds
Status: Orion Network Performance Monitor; Ip Address Manager Web Interface
Vendor: CVE Published:; 31 October 2012

Summary

The IPAM web interface in SolarWinds Orion Network Performance Monitor is susceptible to cross-site scripting (XSS) attacks. This vulnerability can be exploited by remote attackers through the 'Search for an IP address' field, allowing them to inject malicious web scripts or HTML. If successfully executed, attackers can manipulate user sessions, redirect users to malicious websites, or perform other harmful actions, putting sensitive data at risk.

References

http://www.kb.cert.org/vuls/id/203844

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 31, 2012