CVE-2024-0692

Summary

The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution.

Affected Software

VendorProductVersion RangeStatus
SolarWindsSecurity Event Manager2023.4 and previous versionsaffected

Weaknesses

  • CWE-502: CWE-502 Deserialization of Untrusted Data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References