This page lists publicly disclosed CVE vulnerabilities affecting solarwinds storage_manager (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-2576 | SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field. | [email protected] | 9.8 | 66.76% | 2017-12-20 | 2026-05-13 |
| CVE-2015-7838 | ProcessFileUpload.jsp in SolarWinds Storage Manager before 6.2 allows remote attackers to upload and execute arbitrary files via unspecified vectors. | [email protected] | 10.0 | 16.42% | 2015-10-15 | 2026-05-06 |
| CVE-2015-5371 | The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload and execute arbitrary scripts via unspecified vectors. | [email protected] | 10.0 | 87.70% | 2015-07-06 | 2026-05-06 |