CVE-2024-45717

CVSS 3.1 Score 7 of 10 (high)

Details

Published Dec 4, 2024
CWE ID 79

Summary

CVE-2024-45717 is a XSS vulnerability affecting the SolarWinds Platform. This issue resides in the search and node information section of the user interface, making it susceptible to malicious code injection. Authentication is required for exploitation, and user interaction is necessary for the attack to take effect. This vulnerability poses a significant risk, as successful exploitation can lead to unauthorized access or data theft. Users are strongly encouraged to update their SolarWinds installations to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SolarWinds Orion

Affected Vendors

  • SolarWinds Inc.