{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-055.pdf"
    },
    "title": "SolarWinds High-Severity Vulnerabilities",
    "serial_number": "2024-055",
    "publish_date": "08-06-2024 09:43:12",
    "description": " On the 4th and 5th of June 2024, SolarWinds published four separate security advisories related to high-severity vulnerabilities in multiple products. CERT-EU strongly recommends patching them as soon as possible. <br>\n",
    "url_title": "2024-055",
    "content_markdown": "---\ntitle: 'SolarWinds High-Severity\u00a0Vulnerabilities'\nnumber: '2024-055'\nversion: '1.0'\noriginal_date: 'June 5, 2024'\ndate: 'June 8, 2024'\n---\n\n_History:_\n\n* _08/06/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\n On the 4th and 5th of June 2024, SolarWinds published four separate security advisories related to high-severity vulnerabilities in multiple products [1]. CERT-EU strongly recommends patching them as soon as possible. \n\n# Technical Details\n\n**CVE-2024-28995** - SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine [2]. \n\n**CVE-2024-28996** - The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability [3].\n\n**CVE-2024-28999** - The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console [4].\n\n**CVE-2024-29004** - The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. High-privileged user credentials are needed, and user interaction is required to exploit this vulnerability [5].\n\n# Affected Products\n\n- SolarWinds Serv-U 15.4.2 HF 1 and previous versions (CVE-2024-28995)\n- SolarWinds Platform 2024.1 SR 1 and previous versions (CVE-2024-28996, CVE-2024-28999, and CVE-2024-29004)\n\n# Recommendations\n\nSolarWinds has released updated versions of their products where these vulnerabilities are patched. CERT-EU strongly recommends updating the relevant products as soon as possible. \n\n## References\n\n[1] <https://www.solarwinds.com/trust-center/security-advisories>\n\n[2] <https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995>\n\n[3] <https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28996>\n\n[4] <https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28999>\n\n[5] <https://www.solarwinds.com/trust-center/security-advisories/cve-2024-29004>\n\n\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>08/06/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On the 4th and 5th of June 2024, SolarWinds published four separate security advisories related to high-severity vulnerabilities in multiple products [1]. CERT-EU strongly recommends patching them as soon as possible. </p><h2 id=\"technical-details\">Technical Details</h2><p><strong>CVE-2024-28995</strong> - SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine [2]. </p><p><strong>CVE-2024-28996</strong> - The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability [3].</p><p><strong>CVE-2024-28999</strong> - The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console [4].</p><p><strong>CVE-2024-29004</strong> - The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. High-privileged user credentials are needed, and user interaction is required to exploit this vulnerability [5].</p><h2 id=\"affected-products\">Affected Products</h2><ul><li>SolarWinds Serv-U 15.4.2 HF 1 and previous versions (CVE-2024-28995)</li><li>SolarWinds Platform 2024.1 SR 1 and previous versions (CVE-2024-28996, CVE-2024-28999, and CVE-2024-29004)</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>SolarWinds has released updated versions of their products where these vulnerabilities are patched. CERT-EU strongly recommends updating the relevant products as soon as possible. </p><h3 id=\"references\">References</h3><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.solarwinds.com/trust-center/security-advisories\">https://www.solarwinds.com/trust-center/security-advisories</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995\">https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995</a></p><p>[3] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28996\">https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28996</a></p><p>[4] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28999\">https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28999</a></p><p>[5] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.solarwinds.com/trust-center/security-advisories/cve-2024-29004\">https://www.solarwinds.com/trust-center/security-advisories/cve-2024-29004</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}