CVE-2024-28200: N-central Authentication Bypass
First published: Mon Jul 01 2024(Updated: )
The N-central server is vulnerable to an authentication bypass of the user interface. This vulnerability is present in all deployments of N-central prior to 2024.2. This vulnerability was discovered through internal N-central source code review and N-able has not observed any exploitation in the wild.
Credit: a5532a13-c4dd-4202-bef1-e0b8f2f8d12b
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SolarWinds N-Central | <2024.2 |
Remedy
Upgrade to N-central version 2024.2 or higher
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-28200?
CVE-2024-28200 has a high severity rating due to its potential for authentication bypass.
How do I fix CVE-2024-28200?
To fix CVE-2024-28200, upgrade your N-central server to version 2024.2 or later.
Who is affected by CVE-2024-28200?
All deployments of N-central prior to version 2024.2 are affected by CVE-2024-28200.
What type of vulnerability is CVE-2024-28200?
CVE-2024-28200 is classified as an authentication bypass vulnerability.
How was CVE-2024-28200 discovered?
CVE-2024-28200 was discovered through an internal source code review of the N-central server.
- agent/remedy
- agent/references
- agent/title
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/n-able
- canonical/solarwinds n-central