CVE-2024-45717

Description

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node information section of the user interface. This vulnerability requires authentication and requires user interaction.

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

Low

Affected products

SolarWinds / SolarWinds PlatformSolarWinds Platform 2024.4 and prior versions – SolarWinds Platform 2024.4 and prior versions

References

VENDOR_ADVISORYhttps://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45717
MISChttps://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2024-4-1_release_notes.htm