CVE-2024-52611

Published: Feb 11, 2025Modified: Feb 25, 2025

3.5

Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.1 / Impact: 1.4

Source: psirt@solarwinds.com (Secondary)

Description

The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. While the data does not provide anything sensitive, the information could assist an attacker in other malicious actions.

Affected (1)

Products: Solarwinds: Solarwinds Platform

Solarwinds

1 product

Solarwinds Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Solarwinds Solarwinds Platform	Before 2025.1

Related CWEs

CWE-209

Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

References (2)

https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2025-1_release_notes.htm

Source: psirt@solarwinds.com

Release Notes

https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-52611

Source: psirt@solarwinds.com

Vendor Advisory

Timeline

No history available yet.