SolarWinds, a leading provider of IT management software, has announced patches for multiple high-severity vulnerabilities in its Serv-U product and the SolarWinds Platform, including one reported by a penetration tester working with NATO.
The latest iteration of the SolarWinds Platform, version 2024.2, includes patches for three new security defects, as well as fixes for multiple bugs in third-party components. The first issue, tracked as CVE-2024-28996, was reported by Nils Putnins, a pentester from the NATO Communications and Information Agency. This flaw is described as an SWQL injection vulnerability. SWQL, a proprietary, read-only subset of SQL, allows users to query the SolarWinds database for specific network information.
In addition to this, SolarWinds also announced patches for two security defects impacting the web console of its platform. These include CVE-2024-28999, a race condition vulnerability, and CVE-2024-29004, a stored cross-site scripting (XSS) flaw. The latter requires high privileges and user interaction for successful exploitation.
These vulnerabilities impact SolarWinds Platform 2024.1 SR 1 and previous versions. Users are advised to update to version 2024.2 of the platform as soon as possible to mitigate these risks.
The SolarWinds Platform update also includes fixes for a medium-severity flaw in Angular and ten high- and medium-severity issues in OpenSSL. Some of these issues, which could be exploited to cause a denial-of-service (DoS) condition, were disclosed as far back as seven years ago.
This week, SolarWinds also rolled out a hotfix for CVE-2024-28995, a high-severity directory traversal vulnerability in Serv-U. This vulnerability could allow attackers to read sensitive files on the host machine. With a CVSS score of 8.6, the bug impacts Serv-U 15.4.2 hotfix 1 and previous versions across the Serv-U FTP Server, Serv-U Gateway, and Serv-U MFT Server products. Serv-U 15.4.2 hotfix 2, which resolves the flaw, is available for both Windows and Linux systems.
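Directory traversal in a file server comes down to one missing check: a client-supplied path is joined onto the served root without verifying that the resolved result still lies inside that root. The following is an added illustration of that containment check and is not SolarWinds or Serv-U code; nothing about how Serv-U handles paths internally is implied. The root directory, file names and client requests are constructed for the demo, and the helper names (`safe_resolve`, `check_requests`, `demo`) are this example's own.

```python
"""Path-containment check against directory traversal (added example, not Serv-U code)."""
from __future__ import annotations

import os
import tempfile
from pathlib import Path
from urllib.parse import unquote


class TraversalError(ValueError):
    """Raised when a client path would escape the served root."""


def safe_resolve(root: Path, client_path: str) -> Path:
    """Map a client-supplied path onto `root`, refusing anything that escapes it.

    Steps: percent-decode (bounded loop, so %252e%252e -> %2e%2e -> .. is caught),
    normalise backslashes to forward slashes, treat the path as relative to the
    root even if it starts with '/', resolve '..' components and symlinks, then
    require that the result is the root itself or something beneath it.
    """
    decoded = client_path
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    decoded = decoded.replace("\\", "/")
    relative = decoded.lstrip("/")
    root_real = root.resolve()
    target = (root_real / relative).resolve()
    if target != root_real and root_real not in target.parents:
        raise TraversalError(f"{client_path!r} resolves outside {root_real}")
    return target


def check_requests(root: Path, requests: list[str]) -> dict[str, bool]:
    """Return {client_path: allowed} for each request, using safe_resolve."""
    verdicts: dict[str, bool] = {}
    for req in requests:
        try:
            safe_resolve(root, req)
            verdicts[req] = True
        except TraversalError:
            verdicts[req] = False
    return verdicts


def demo() -> dict[str, bool]:
    """Build a constructed served root plus an outside directory and classify requests."""
    base = Path(tempfile.mkdtemp(prefix="traversal-demo-"))
    root = base / "served"
    outside = base / "outside"
    (root / "docs").mkdir(parents=True)
    outside.mkdir()
    (root / "docs" / "readme.txt").write_text("public\n")
    (outside / "secret.txt").write_text("not for clients\n")

    requests = [
        "docs/readme.txt",                # plain in-root file: allowed
        "/docs/readme.txt",               # leading slash is re-rooted: allowed
        "docs/../docs/readme.txt",        # '..' that stays inside: allowed
        "../../etc/passwd",               # classic traversal: rejected
        "..\\..\\Windows\\win.ini",       # backslash variant: rejected
        "%2e%2e/%2e%2e/etc/passwd",       # percent-encoded '..': rejected
        "%252e%252e/%252e%252e/etc/passwd",  # double-encoded: rejected
    ]
    # A symlink inside the root that points outside it must also be rejected;
    # skipped if the platform does not allow creating symlinks here.
    try:
        os.symlink(outside, root / "link")
        requests.append("link/secret.txt")
    except OSError:
        pass
    return check_requests(root, requests)


if __name__ == "__main__":
    for path, allowed in demo().items():
        print(f"{'ALLOW ' if allowed else 'REJECT'} {path}")
```

The decisive line is the `target.parents` check after `resolve()`: rejecting `..` substrings alone would miss the encoded and symlink cases, whereas comparing the fully resolved target against the resolved root catches every form the demo feeds it.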
As of now, SolarWinds has not reported any instances of these vulnerabilities being exploited in the wild. However, users and administrators are strongly advised to apply the available patches as soon as possible to ensure the security of their systems.