CVE-2024-45711

SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability
Configurations

Configuration 1 (hide)

cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*

History

17 Oct 2024, 20:17

Type Values Removed Values Added
CPE cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*
First Time Solarwinds serv-u
Solarwinds
References () https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45711 - () https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45711 - Vendor Advisory
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 8.8

16 Oct 2024, 16:38

Type Values Removed Values Added
Summary
  • (es) SolarWinds Serv-U es vulnerable a una vulnerabilidad de directory traversal en la que es posible la ejecución remota de código según los privilegios otorgados al usuario autenticado. Este problema requiere que el usuario esté autenticado y esto ocurre cuando se abusa de las variables del entorno del software. Se requiere autenticación para esta vulnerabilidad

16 Oct 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-16 08:15

Updated : 2024-10-17 20:17


NVD link : CVE-2024-45711

Mitre link : CVE-2024-45711

CVE.ORG link : CVE-2024-45711


JSON object : View

Products Affected

solarwinds

  • serv-u
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')