SolarWinds Patches Critical Security Bugs

June 4, 2024

SolarWinds has responded swiftly to critical security vulnerabilities affecting its Serv-U and SolarWinds Platform software with the release of version 2024.2. This comprehensive update comes in the wake of multiple high-severity issues, notably including an SWQL injection flaw that was discovered and reported by NATO pentester Nils Putnins. This vulnerability allows unauthorized access to SolarWinds databases, posing significant risks to network security and sensitive data integrity.

In addition to addressing the SWQL injection vulnerability, SolarWinds has also remediated CVE-2024-28999, a race condition vulnerability, and CVE-2024-29004, a stored cross-site scripting (XSS) flaw impacting the SolarWinds Platform’s web console. These vulnerabilities, which require specific user privileges to exploit, underscore the critical importance of organizations promptly updating their systems to safeguard against potential security breaches and ensure the protection of sensitive information.

The scope of the version 2024.2 update extends beyond immediate security fixes, encompassing medium-severity vulnerabilities identified within Angular and addressing longstanding issues within OpenSSL, some of which have been known for up to seven years. These patches are crucial for mitigating the risk of denial-of-service (DoS) attacks and enhancing the overall resilience of SolarWinds environments against evolving cyber threats.

Furthermore, SolarWinds has rolled out a vital hotfix specifically for CVE-2024-28995, a high-severity directory traversal flaw affecting various Serv-U products. With a CVSS score of 8.6, this vulnerability could potentially enable malicious actors to access sensitive files on affected systems. Organizations utilizing Serv-U solutions are strongly advised to implement the latest patches and hotfixes without delay, ensuring comprehensive protection against these vulnerabilities and maintaining the security posture of their IT infrastructure.

Reference:

  • SolarWinds Patch Fixes High-Severity Vulnerabilities in the Solarwinds Platform
Tags: Cyber Alerts, Cyber Alerts 2024, Cyber Risk, Cyber threats, June 2024, Serv-U, SolarWinds, SWQL, Vulnerabilities