SolarWinds Platform Arbitrary Open Redirection Vulnerability
(CVE-2024-28076)
Summary
The SolarWinds Platform was susceptible to an arbitrary open redirection vulnerability. If exploited, a potential attacker can redirect to a different domain when using URL parameter with relative entry in the correct format.
Affected Products
- SolarWinds Platform 2024.1 and prior versions
Fixed Software Release
Acknowledgments
- Nils Putnins working with NATO
Advisory Details
Severity
7.0 High
Advisory ID
First Published
04/18/2024
Last Updated
04/18/2024