Information Disclosure Vulnerability in SolarWinds Platform
CVE-2024-52611

3.5LOW

Key Information:

Vendor: Solarwinds
Status: Solarwinds Platform
Vendor: CVE Published:; 11 February 2025

Summary

The SolarWinds Platform contains an information disclosure vulnerability that can be exploited via an error message. Although the disclosed data is not sensitive, it may provide attackers with useful information that facilitates further malicious activities. This highlights the need for users to be aware of the potential risks and apply necessary updates to safeguard their systems.

Affected Version(s)

SolarWinds Platform Windows 2024.4.1 and previous versions

References

https://documentation.solarwinds.com/en/success_center/or...

https://www.solarwinds.com/trust-center/security-advisori...

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2025
Vulnerability Reserved
Nov 14, 2024

Credit

Vicky Malekar, Ravi Khanchani and Techsa SolarWinds Team