What is the severity of CVE-2024-28999?

CVE-2024-28999 is classified as a medium-severity vulnerability due to the potential for a race condition in the web console of the SolarWinds Platform.

How do I fix CVE-2024-28999?

To fix CVE-2024-28999, users should update to SolarWinds Platform version 2024.2 or later.

Which versions of the SolarWinds Platform are affected by CVE-2024-28999?

CVE-2024-28999 affects all versions of the SolarWinds Platform up to but not including 2024.2.

What type of vulnerability is CVE-2024-28999?

CVE-2024-28999 is a race condition vulnerability that can impact the functionality of the SolarWinds web console.

Is CVE-2024-28999 actively being exploited?

As of the latest information, there are no confirmed reports of active exploitation of CVE-2024-28999.

Vulnerability/
CVE-2024-28999

Exploited

high

8.1

CWE

362

4/6/2024

2/8/2024

CVE-2024-28999: SolarWinds Platform Race Condition Vulnerability

First published: Tue Jun 04 2024(Updated: )

The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.

Credit: psirt@solarwinds.com Elhussain Fathy

Affected Software	Affected Version	How to fix
SolarWinds Platform	<2024.2

Remedy

SolarWinds recommends that customers upgrade to SolarWinds Platform 2024.2 as soon as it becomes available.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-28999?
CVE-2024-28999 is classified as a medium-severity vulnerability due to the potential for a race condition in the web console of the SolarWinds Platform.
How do I fix CVE-2024-28999?
To fix CVE-2024-28999, users should update to SolarWinds Platform version 2024.2 or later.
Which versions of the SolarWinds Platform are affected by CVE-2024-28999?
CVE-2024-28999 affects all versions of the SolarWinds Platform up to but not including 2024.2.
What type of vulnerability is CVE-2024-28999?
CVE-2024-28999 is a race condition vulnerability that can impact the functionality of the SolarWinds web console.
Is CVE-2024-28999 actively being exploited?
As of the latest information, there are no confirmed reports of active exploitation of CVE-2024-28999.

agent/weakness
agent/title
agent/remedy
agent/type
agent/description
agent/first-publish-date
agent/severity
agent/references
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/exploitdb-recent
source/ExploitDB
anchor-exploit/CVE-2024-28999
exploited/true
agent/source
agent/trending
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/tags
agent/softwarecombine
agent/exploited
proof-of-concept/true
vendor/solarwinds
canonical/solarwinds platform

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.