SolarWinds Flaw Flagged by NATO Pen Tester

  /     /     /  
Publicated : 23/11/2024   Category : security


SolarWinds Flaw Flagged by NATO Pen Tester


The latest platform update from SolarWinds includes patches for three vulnerabilities, including two high-severity bugs.



SolarWinds has released its version 2024.2, including a variety of new features and upgrades, along with patches for three different security vulnerabilities.
Notably, one high-severity SWQL injection bug, tracked under
CVE-2024-28996
(CVSS 7.5), was reported to SolarWinds security by Nils Putnins, a penetration tester affiliated with the North Atlantic Treaty Organization (NATO),
the company reported
along with the new release. The other flaws fixed in the latest SolarWinds update included a high-severity cross-site scripting flaw, tracked under
CVE-2024-29004
(CVSS 7.1), and a medium-severity race condition vulnerability affecting the Web console, tracked under
CVE-2024-28999
(CVSS 7.1), the company said.
In addition to security updates, the latest SolarWinds version includes improvements in its map functionality, as well as better stability, performance, and user experience.
SolarWinds tells Dark Reading there is no evidence the flaws were exploited in the wild.
SolarWinds
was infamously attacked in 2020 in a successful effort by a nation-state actor to compromise many high-profile organizations, including agencies of the US federal government.

Last News

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security

▸ Senate wants changes to cybercrime law. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
SolarWinds Flaw Flagged by NATO Pen Tester