SolarWinds Platform SWQL Injection Vulnerability
CVE-2024-29001

8HIGH

Key Information:

Vendor: Solarwinds
Status: Solarwinds Platform
Vendor: CVE Published:; 18 April 2024

What is CVE-2024-29001?

A SWQL injection vulnerability exists within the user interface of the SolarWinds Platform, which necessitates authentication and user interaction for exploitation. This security flaw could potentially allow an attacker to manipulate SWQL queries executed by the application, leading to unauthorized access and compromised data integrity. Users of affected versions should remain vigilant and consider applying any available patches or updates as recommended in the official advisories to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SolarWinds Platform 2024.1 and previous versions

References

https://www.solarwinds.com/trust-center/security-advisori...

https://documentation.solarwinds.com/en/success_center/or...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 18, 2024

Credit

Jean-Michel Huguet & Arnoldas Radisauskas working with NATO

JSON

Solarwinds

What is CVE-2024-29001?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.