Vulnerability Details CVE-2024-45712
SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.9%
CVSS Severity
CVSS v3 Score 2.6
References
Products affected by CVE-2024-45712
-
cpe:2.3:a:solarwinds:serv-u:-
-
cpe:2.3:a:solarwinds:serv-u:15.1
-
cpe:2.3:a:solarwinds:serv-u:15.1.1
-
cpe:2.3:a:solarwinds:serv-u:15.1.2
-
cpe:2.3:a:solarwinds:serv-u:15.1.3
-
cpe:2.3:a:solarwinds:serv-u:15.1.4
-
cpe:2.3:a:solarwinds:serv-u:15.1.5
-
cpe:2.3:a:solarwinds:serv-u:15.1.6
-
cpe:2.3:a:solarwinds:serv-u:15.1.7
-
cpe:2.3:a:solarwinds:serv-u:15.2.1
-
cpe:2.3:a:solarwinds:serv-u:15.2.2
-
cpe:2.3:a:solarwinds:serv-u:15.2.3
-
cpe:2.3:a:solarwinds:serv-u:15.2.4
-
cpe:2.3:a:solarwinds:serv-u:15.2.5
-
cpe:2.3:a:solarwinds:serv-u:15.3
-
cpe:2.3:a:solarwinds:serv-u:15.3.0
-
cpe:2.3:a:solarwinds:serv-u:15.3.1
-
cpe:2.3:a:solarwinds:serv-u:15.3.2
-
cpe:2.3:a:solarwinds:serv-u:15.4.0
-
cpe:2.3:a:solarwinds:serv-u:15.4.2
-
cpe:2.3:a:solarwinds:serv-u:15.4.2.3
-
cpe:2.3:a:solarwinds:serv-u:15.5