First published: Fri Jan 20 2023(Updated: )
In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting.
Credit: psirt@solarwinds.com psirt@solarwinds.com
Affected Software | Affected Version | How to fix |
---|---|---|
SolarWinds Database Performance Analyzer | <=2022.4 |
SolarWinds has released a Service Release to address this vulnerability in Database Performance Analyzer (DPA) 2023.1
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-38110 is a vulnerability in the SolarWinds Database Performance Analyzer (DPA) 2022.4 and older releases.
CVE-2022-38110 has a severity rating of 5.4, which is considered medium.
The affected software is SolarWinds Database Performance Analyzer (DPA) versions up to and including 2022.4.
The CWE ID of CVE-2022-38110 is 79.
To fix CVE-2022-38110, it is recommended to upgrade to a newer release of SolarWinds Database Performance Analyzer (DPA) that is not affected by the vulnerability.