Description
The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. While the data does not provide anything sensitive, the information could assist an attacker in other malicious actions.
CVSS Metrics
- Vector
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Attack Vector
- adjacent network
- Complexity
- low
- Privileges
- low
- User Action
- none
- Scope
- unchanged
- Confidentiality
- low
- Integrity
- none
- Availability
- none
- Weaknesses
- CWE-209
Metadata
- Primary Vendor
- SOLARWINDS
- Published
- 2/11/2025
- Last Modified
- 2/25/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
solarwinds : solarwinds_platform
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.