Lucene search
SolarWindsCVELIST:CVE-2024-29003HistoryApr 18, 2024 - 9:07 a.m.
CVE-2024-29003 SolarWinds Platform Cross Site Scripting Vulnerability
2024-04-1809:07:17
CWE-79
SolarWinds
www.cve.org
solarwinds
platform
cross site scripting
vulnerability
maps
user interface
authentication
user interaction
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
0.0004 Low
EPSS
Percentile
9.2%
The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "SolarWinds Platform ",
"vendor": "SolarWinds ",
"versions": [
{
"status": "affected",
"version": "2024.1 and previous versions "
}
]
}
]Related
nvd
nvd
CVE-2024-29003
2024-04-18 10:15:08
cve
cve
CVE-2024-29003
2024-04-18 10:15:08
nessus
nessus
SolarWinds Platform 2024.0 < 2024.1.1 Multiple Vulnerabilities XSS
2024-04-19 00:00:00
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
0.0004 Low
EPSS
Percentile
9.2%
Related for CVELIST:CVE-2024-29003