Lucene search
+L

243 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 8:1 a.m.10 views

CVE-2024-29003

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction...

7.5CVSS6.2AI score0.00696EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:57 a.m.14 views

CVE-2024-29001

A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This vulnerability requires authentication and user interaction to be exploited...

7.5CVSS7.3AI score0.0059EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:37 a.m.9 views

CVE-2024-45710

SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. This requires a low privilege account and local access to the affected node machine...

7.8CVSS6.8AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:34 a.m.9 views

CVE-2024-45715

The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements...

7.1CVSS6.3AI score0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:7 a.m.14 views

CVE-2024-28076

The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potential attacker can redirect to different domain when using URL parameter with relative entry in the correct format...

7CVSS6.8AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:0 a.m.8 views

CVE-2024-28996

The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability...

7.5CVSS7.1AI score0.00349EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/21 12:0 a.m.8 views

The vulnerability of the Search/Node Information Section component in the user interface of SolarWinds Platform’s network monitoring and IT infrastructure management software allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability of the Search/Node Information Section component in the user interface of SolarWinds Platform’s network monitoring and IT infrastructure management software is related to the lack of protective measures for the website structure. Exploiting this vulnerability could allow a...

7.4CVSS5.2AI score0.0037EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/12/04 7:15 a.m.4 views

CVE-2024-45717

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node information section of the user interface. This vulnerability requires authentication and requires user interaction...

4.8CVSS5.8AI score0.0037EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/04 12:0 a.m.6 views

SolarWinds Platform 跨站脚本漏洞

SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. A cross-site scripting vulnerability exists in SolarWinds Platform that stems from susceptibility to a cross-site scripting attack that affects the search and node...

7CVSS5.8AI score0.0037EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/04 12:0 a.m.10 views

SolarWinds Platform 2024.0 < 2024.4.1 XSS

The version of SolarWinds Platform installed on the remote host is prior to 2024.4.1. It is, therefore, affected by a vulnerability as referenced in the solarwindsplatform202441 advisory. - The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node information...

7CVSS5.5AI score0.0037EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.7 views

The vulnerability in the software for network monitoring and IT infrastructure management consoles of the SolarWinds Platform allows a hacker to perform cross-site scripting attacks.

The vulnerability of the software for network monitoring and IT infrastructure management solutions developed by SolarWinds exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attack...

7.9CVSS5.2AI score0.00463EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.9 views

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform lies in its uncontrolled search algorithm, which allows attackers to escalate their privileges.

The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow attackers to enhance their privileges...

7.8CVSS7.2AI score0.00279EPSS
Exploits0References4Affected Software1
NCSC
NCSC
added 2024/10/17 6:9 a.m.7 views

Vulnerabilities fixed in Solarwinds Platform

Solarwinds has fixed vulnerabilities in Solarwinds Platform. An authenticated malicious person could exploit the vulnerabilities to launch a Cross-Site Scripting attack or locally increase permissions. Solarwinds has released updates to fix the vulnerabilities in Solarwinds Platform 2024.4. See...

7.8CVSS6.3AI score0.00329EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/17 12:0 a.m.29 views

SolarWinds Platform 2024.2.0 < 2024.4 Multiple Vulnerabilities XSS

The version of SolarWinds Platform installed on the remote host is prior to 2024.4. It is, therefore, affected by multiple vulnerabilities as referenced in the solarwindsplatform20244 advisory. - SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation...

7.8CVSS5.6AI score0.00329EPSS
Exploits0References4
NVD
NVD
added 2024/10/16 8:15 a.m.25 views

CVE-2024-45715

The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements...

7.1CVSS0.00329EPSS
Exploits0References1
OSV
OSV
added 2024/10/16 8:15 a.m.5 views

CVE-2024-45715

The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements...

5.2CVSS5.8AI score0.00329EPSS
Exploits0References1
OSV
OSV
added 2024/10/16 8:15 a.m.6 views

CVE-2024-45710

SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. This requires a low privilege account and local access to the affected node machine...

7.8CVSS5.8AI score0.00279EPSS
Exploits0References1
CVE
CVE
added 2024/10/16 7:17 a.m.64 views

CVE-2024-45715

The CVE-2024-45715 entry corresponds to a Cross-Site Scripting vulnerability in the SolarWinds Platform, triggered when performing an edit function on existing elements. Connected sources indicate affected versions are SolarWinds Platform prior to 2024.4 (e.g., 2024.2.0 up to before 2024.4) and d...

7.1CVSS6.2AI score0.00329EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/10/16 7:16 a.m.72 views

CVE-2024-45710

CVE-2024-45710 affects SolarWinds Platform and is described as an Uncontrolled Search Path Element Local Privilege Escalation. The vulnerability arises from an improper handling of search path elements, enabling a low-privilege user with local access to escalate privileges on the affected node. T...

7.8CVSS7.6AI score0.00279EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/10/16 12:0 a.m.4 views

SolarWinds Platform 代码问题漏洞

SolarWinds Platform is a unified monitoring, observability, and service management platform from U.S.-based SolarWinds, Inc. A code issue vulnerability exists in SolarWinds Platform versions 2024.2.1 and earlier, which stems from vulnerability to an uncontrolled local elevation of privilege...

7.8CVSS6.7AI score0.00279EPSS
Exploits0References2
Rows per page
Query Builder