CVE-2024-28072

CVSS V2 None CVSS V3 None
Description
A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly.
Overview
  • CVE ID
  • CVE-2024-28072
  • Assigner
  • SolarWinds
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-05-03T07:50:00.696Z
  • Last Modified Date
  • 2024-05-03T07:50:00.696Z
Weakness Enumerations
CWE URL
CWE-532 http://cwe.mitre.org/data/definitions/532.html
References
Reference URL Reference Tags
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28072
https://solarwindscore.my.site.com/SuccessCenter/s/article/Serv-U-15-4-2-Hotfix-1-Release-Notes?language=en_US
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2024-28072
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28072
History
Created Old Value New Value Data Type Notes
2024-06-26 07:45:03 Added to TrackCVE