Lucene search
SolarWindsCVE-2024-29001HistoryApr 18, 2024 - 9:15 a.m.
CVE-2024-29001
2024-04-1809:15:11
CWE-89
SolarWinds
web.nvd.nist.gov
51
solarwinds
swql injection
vulnerability
user interface
authentication
user interaction
exploited
CVSS3
7.5
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
AI Score
7.1
Confidence
Low
EPSS
0
Percentile
9.0%
A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This vulnerability requires authentication and user interaction to be exploited.
CNA Affected
[
{
"defaultStatus": "affected",
"product": "SolarWinds Platform ",
"vendor": "SolarWinds ",
"versions": [
{
"status": "affected",
"version": "2024.1 and previous versions "
}
]
}
]Related
nvd
nvd
CVE-2024-29001
2024-04-18 09:15:11
vulnrichment
vulnrichment
CVE-2024-29001 SolarWinds Platform SWQL Injection Vulnerability
2024-04-18 09:06:41
cvelist
cvelist
CVE-2024-29001 SolarWinds Platform SWQL Injection Vulnerability
2024-04-18 09:06:41
nessus
nessus
SolarWinds Platform 2024.0 < 2024.1.1 Multiple Vulnerabilities XSS
2024-04-19 00:00:00
CVSS3
7.5
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
AI Score
7.1
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-29001