The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements.
Fixes

Solution

SolarWinds recommends that customers upgrade to SolarWinds Platform 2024.4 as soon as it becomes available.


Workaround

No workaround given by the vendor.

History

Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00221}

epss

{'score': 0.00246}


Wed, 30 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Solarwinds
Solarwinds solarwinds Platform
CPEs cpe:2.3:a:solarwinds:solarwinds_platform:*:*:*:*:*:*:*:*
Vendors & Products Solarwinds
Solarwinds solarwinds Platform

Wed, 16 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 16 Oct 2024 07:30:00 +0000

Type Values Removed Values Added
Description The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements.
Title SolarWinds Platform Edit Function Cross-Site Scripting Vulnerability
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: SolarWinds

Published:

Updated: 2024-10-16T13:27:15.463Z

Reserved: 2024-09-05T08:28:03.888Z

Link: CVE-2024-45715

cve-icon Vulnrichment

Updated: 2024-10-16T13:27:11.076Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-16T08:15:07.110

Modified: 2024-10-30T20:59:19.737

Link: CVE-2024-45715

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.