CVE-2024-28999— SolarWinds Platform Race Condition Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-28999
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SolarWinds Platform Race Condition Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用共享资源的并发执行不恰当同步问题(竞争条件)
Source: NVD (National Vulnerability Database)
Vulnerability Title
SolarWinds Platform 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SolarWinds Platform是美国SolarWinds公司的一个统一监控、可观察性和服务管理平台。 SolarWinds Platform存在安全漏洞,该漏洞源于容易受到影响Web控制台的竞争条件的攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| SolarWinds | SolarWinds Platform | 2024.1.1 and previous versions | - |
II. Public POCs for CVE-2024-28999
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Exploit for CVE-2024-28999 SolarWinds Platform Race Condition Vulnerability - login page | https://github.com/HussainFathy/CVE-2024-28999 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-28999
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: SolarWinds Platform
- CVE-2024-52611
SolarWinds Platform Information Disclosure Vulnerability - CVE-2024-52612
SolarWinds Platform Reflected Cross-Site Scripting Vulnerabi - CVE-2024-45717
SolarWinds Platform Cross- Site Scripting Vulnerability - CVE-2024-45715
SolarWinds Platform Edit Function Cross-Site Scripting Vulne - CVE-2024-45710
SolarWinds Platform Uncontrolled Search Path Element Local P
Same vendor: SolarWinds
- CVE-2024-29004
SolarWinds Platform Stored XSS Vulnerability - CVE-2024-28072
Arbitrary File Overwrite Vulnerability - CVE-2024-29003
SolarWinds Platform Cross Site Scripting Vulnerability - CVE-2024-29001
SolarWinds Platform SWQL Injection Vulnerability - CVE-2024-28076
SolarWinds Platform Arbitrary Open Redirection Vulnerability
V. Comments for CVE-2024-28999
No comments yet