CVE-2018-10241: Null Pointer Dereference
First published: Wed May 16 2018(Updated: )
A denial of service vulnerability in SolarWinds Serv-U before 15.1.6 HFv1 allows an authenticated user to crash the application (with a NULL pointer dereference) via a specially crafted URL beginning with the /Web%20Client/ substring.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SolarWinds Serv-U | <=15.1.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-10241?
CVE-2018-10241 is a denial of service vulnerability in SolarWinds Serv-U before version 15.1.6 HFv1.
How does CVE-2018-10241 affect SolarWinds Serv-U?
CVE-2018-10241 allows an authenticated user to crash the application (with a NULL pointer dereference) via a specially crafted URL starting with /Web%20Client/ substring.
What is the severity of CVE-2018-10241?
The severity of CVE-2018-10241 is medium with a CVSS score of 6.5.
Which version of SolarWinds Serv-U is affected by CVE-2018-10241?
SolarWinds Serv-U version up to and including 15.1.6 is affected by CVE-2018-10241.
How can I fix CVE-2018-10241?
Upgrade to SolarWinds Serv-U version 15.1.6 HFv1 or later to fix CVE-2018-10241.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/solarwinds
- canonical/solarwinds serv-u
- version/solarwinds serv-u/15.1.6