
SolarWinds Platform XSS Vulnerability Let Attackers Inject Malicious Code

SolarWinds, a major player in IT management software, has recently disclosed a critical security vulnerability in its Platform product.

The flaw, identified as CVE-2024-45717, allows authenticated attackers to inject malicious code through a cross-site scripting (XSS) vulnerability.

This vulnerability could let threat actors compromise the integrity and confidentiality of affected systems.

The XSS vulnerability affects the search and node information sections of the SolarWinds Platform user interface.

Although SolarWinds notes that the flaw requires authentication and user interaction to exploit, its potential impact is significant, earning it a high severity rating of 7.0 on the Common Vulnerability Scoring System (CVSS).

Affected Versions: The vulnerability is present in SolarWinds Platform 2024.4 and all prior versions, putting a wide range of installations at risk.

Attack Vector: The CVSS score indicates that the attack vector is adjacent (AV:A), meaning the attacker would need to be on the same network segment as the vulnerable system. This somewhat limits the scope of potential attacks but doesn’t diminish the severity for organizations with shared network environments.


Flaw profile (Source – SolarWinds)

If successfully exploited, this XSS vulnerability could allow attackers to:-

  1. Steal sensitive information from authenticated users
  2. Manipulate the platform’s functionality
  3. Potentially gain unauthorized access to connected systems

The high confidentiality and integrity impact ratings (C:H and I:H) in the CVSS score underscore the serious nature of this vulnerability.

SolarWinds has acted swiftly to address the issue:-

  1. A patch has been released in version 2024.4.1 of the SolarWinds Platform.
  2. All users of affected versions are strongly urged to update their systems immediately.
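As an added example (not SolarWinds code, and not taken from the advisory), the following JavaScript shows the general vulnerability class behind the search-box finding above, a user-supplied search term echoed into page markup without encoding, next to the output-encoding fix, together with a small version comparison that flags installs older than the 2024.4.1 fix named above. All function names, the constructed sample term and the version-check logic are assumptions for illustration.

```javascript
// Added example, not SolarWinds code: the general pattern behind the
// vulnerability class described in the article (a search term echoed into
// the page without encoding) beside the output-encoding fix, plus a version
// check against the fixed release the article names. Function names are
// hypothetical.

// Encode untrusted text for the HTML element-body context.
function escapeHtml(untrusted) {
  return String(untrusted)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#x27;");
}

// Vulnerable pattern: the search term is concatenated straight into markup,
// so any tags inside the term become live elements in the page.
function renderSearchHeaderUnsafe(term) {
  return `<h2>Results for: ${term}</h2>`;
}

// Hardened pattern: the term is encoded for the context it lands in, so it
// is displayed as text and cannot change the document structure.
function renderSearchHeaderSafe(term) {
  return `<h2>Results for: ${escapeHtml(term)}</h2>`;
}

// Tags the template itself contributes; anything beyond that came from input.
const TEMPLATE_TAG_COUNT = 2;

// Review helper: did the rendered fragment pick up tags that were not in
// the template? Useful in a unit test guarding a render function.
function hasInjectedMarkup(html) {
  const tags = html.match(/<[^>]+>/g) || [];
  return tags.length > TEMPLATE_TAG_COUNT;
}

// Parse a dotted version such as "2024.4.1" into an integer array.
function parseVersion(v) {
  return String(v).trim().split(".").map((p) => {
    const n = Number.parseInt(p, 10);
    if (Number.isNaN(n)) throw new Error(`bad version component: ${p}`);
    return n;
  });
}

// Compare two versions numerically, component by component; missing
// components count as zero, so "2024.4" equals "2024.4.0".
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  const len = Math.max(pa.length, pb.length);
  for (let i = 0; i < len; i++) {
    const x = pa[i] ?? 0;
    const y = pb[i] ?? 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

// First fixed release named in the article.
const FIXED_VERSION = "2024.4.1";

// An install is affected if it is older than the fixed release.
function isAffectedVersion(installed) {
  return compareVersions(installed, FIXED_VERSION) < 0;
}

// Constructed sample term: harmless markup, enough to show the difference.
const sampleTerm = "<i>node-01</i>";
console.log(renderSearchHeaderUnsafe(sampleTerm),
  "injected:", hasInjectedMarkup(renderSearchHeaderUnsafe(sampleTerm)));
console.log(renderSearchHeaderSafe(sampleTerm),
  "injected:", hasInjectedMarkup(renderSearchHeaderSafe(sampleTerm)));
console.log("2024.4 affected:", isAffectedVersion("2024.4"));
```

In a browser the same distinction is the difference between assigning user input to `innerHTML` (markup is interpreted) and to `textContent` (it is displayed verbatim); the encoder above is the equivalent for server-side or template rendering. The version check treats "2024.4" as "2024.4.0", which matches the article's statement that 2024.4 and all prior versions are affected.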

The vulnerability was discovered by Frank Lycops from the NATO Cyber Security Centre, highlighting the importance of collaborative efforts in identifying and addressing cybersecurity threats.

This incident serves as a reminder of the ongoing challenges faced by software providers in maintaining the security of complex IT management systems. It also underscores the critical need for:-

  1. Regular security audits and penetration testing
  2. Prompt patching and update processes
  3. Robust authentication mechanisms

As organizations increasingly rely on platforms like SolarWinds for managing their IT infrastructure, the potential impact of such vulnerabilities grows. This event may prompt many enterprises to reassess their security postures and incident response plans.

While the SolarWinds Platform XSS vulnerability requires specific conditions to exploit, its potential consequences are severe enough to warrant immediate attention.

Organizations using the affected versions of SolarWinds Platform should prioritize applying the available patch to mitigate the risk of potential attacks leveraging this vulnerability.


Tushar Subhra Dutta

Tushar is a senior cybersecurity and breach reporter. He specializes in covering cybersecurity news, trends, and emerging threats, data breaches, and malware attacks. With years of experience, he brings clarity and depth to complex security topics.
