Back

CVE-2024-28999

June 4, 2024, 4:57 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

SolarWinds Platform

Source

psirt@solarwinds.com

Tags

CWE-362
psirt@solarwinds.com
2024-06-04
CVE-2024-28999

CVE-2024-28999 details

Published : June 4, 2024, 3:15 p.m.
Last Modified : June 4, 2024, 4:57 p.m.

Description

The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.

CVSS Score

1 2 3 4 5 6.4 7 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

Base Score

6.4

Exploitability Score

Impact Score

Base Severity

MEDIUM

Vector String : CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

References

URL Source
https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2024-2_release_notes.htm psirt@solarwinds.com
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28999 psirt@solarwinds.com
This website uses the NVD API, but is not approved or certified by it.