CVE-2019-12864 vulnerability in SolarWinds Products
Published on May 4, 2020

SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter.

NVD

Products Associated with CVE-2019-12864

Want to know whenever a new CVE is published for SolarWinds products? stack.watch will email you.

SolarWinds Netpath

SolarWinds Network Performance Monitor

SolarWinds Orion Platform

Exploit Probability

EPSS

0.22%

Percentile

44.86%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-12864 vulnerability in SolarWinds ProductsPublished on May 4, 2020

Products Associated with CVE-2019-12864

Exploit Probability

CVE-2019-12864 vulnerability in SolarWinds Products
Published on May 4, 2020