SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
References
Link | Resource |
---|---|
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
11 Jun 2024, 17:47
Type | Values Removed | Values Added |
---|---|---|
First Time |
Solarwinds serv-u
Solarwinds |
|
CPE | cpe:2.3:a:solarwinds:serv-u:15.4.2:-:*:*:*:*:*:* cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:* cpe:2.3:a:solarwinds:serv-u:15.4.2:hotfix1:*:*:*:*:*:* |
|
References | () https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
06 Jun 2024, 14:17
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
06 Jun 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-06 09:15
Updated : 2024-07-18 01:00
NVD link : CVE-2024-28995
Mitre link : CVE-2024-28995
CVE.ORG link : CVE-2024-28995
JSON object : View
Products Affected
solarwinds
- serv-u
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')