CVE-2024-45712

Sažetak

SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low.

Reference

https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-1_release_notes.htm
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45712

CVSS

Base:	2.6
Impact:	1.4
Exploitability:	1.2

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	NONE	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

Zadnje važnije ažuriranje

15-04-2025 - 18:39

Objavljeno

15-04-2025 - 09:15