Vulnerability Details CVE-2024-0692
The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds’ service, resulting in remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.867
EPSS Ranking 99.4%
CVSS Severity
CVSS v3 Score 8.8
References
- https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2023-4-1_release_notes.htm
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-0692
- https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2023-4-1_release_notes.htm
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-0692
Products affected by CVE-2024-0692
-
cpe:2.3:a:solarwinds:security_event_manager:2022.4