Uncontrolled Search Path Element Local Privilege Escalation Vulnerability Affects SolarWinds Platform
CVE-2024-45710

7.8HIGH

Key Information:

Vendor: SolarWinds
Status: Solarwinds Platform
Vendor: CVE Published:; 16 October 2024

Summary

The SolarWinds Platform is affected by a vulnerability that allows local privilege escalation due to an uncontrolled search path element. This vulnerability requires an attacker to possess a low privilege account and local access to the affected machine. Exploitation could potentially lead to unauthorized access or manipulation of system resources, thereby compromising the integrity and security of the affected system.

References

https://www.solarwinds.com/trust-center/security-advisori...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 16, 2024