Solarwinds: >> Serv-U >> 15.4.2 Security Vulnerabilities
CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
Known exploited
CVSS Score
8.6
EPSS Score
0.944
Published
2024-06-06
A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly.
CVSS Score
5.7
EPSS Score
0.002
Published
2024-05-03