Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-45711

SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability

Published

2024-10-16T08:15:06.690

Last Modified

2024-10-17T20:17:29.207

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	solarwinds	serv-u	< 15.5	Yes

References

https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45711 Vendor Advisory ([email protected])