CVE-2024-45717

Summary

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node information section of the user interface. This vulnerability requires authentication and requires user interaction.

Affected Software

VendorProductVersion RangeStatus
SolarWindsSolarWinds PlatformSolarWinds Platform 2024.4 and prior versionsaffected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References