CVE-2024-52611

Description

The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. While the data does not provide anything sensitive, the information could assist an attacker in other malicious actions.

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected products

SolarWinds / SolarWinds Platform2024.4.1 and previous versions – 2024.4.1 and previous versions

References

MISChttps://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2025-1_release_notes.htm
VENDOR_ADVISORYhttps://www.solarwinds.com/trust-center/security-advisories/CVE-2024-52611