Back

CVE-2024-29003

April 18, 2024, 1:04 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

SolarWinds Platform

Source

psirt@solarwinds.com

Tags

CVE-2024-29003 details

Published : April 18, 2024, 10:15 a.m.
Last Modified : April 18, 2024, 1:04 p.m.

Description

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction.

CVSS Score

1 2 3 4 5 6 7.5 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

LOW

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

Base Score

7.5

Exploitability Score

Impact Score

Base Severity

HIGH

Vector String : CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L

References

URL Source
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-29003 psirt@solarwinds.com
This website uses the NVD API, but is not approved or certified by it.