CVE-2024-28996: 
SolarWinds Platform vulnerability analysis and mitigation

The SolarWinds Platform was identified to contain a SWQL (SolarWinds Query Language) Injection Vulnerability, tracked as CVE-2024-28996. The vulnerability was discovered in SolarWinds Platform 2024.1 SR 1 and previous versions, with the disclosure date being June 4, 2024. SWQL, a proprietary read-only subset of SQL, is used for querying the SolarWinds database for network information (SecurityWeek).

The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High severity) with the vector string CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. The scoring indicates that while the attack complexity is high, the vulnerability requires no privileges or user interaction to exploit. The vulnerability is classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command) (NVD).

If successfully exploited, the vulnerability could lead to high impacts on confidentiality, integrity, and availability of the affected systems. The attack vector is adjacent, meaning the attack must come from the same shared network (NVD).

SolarWinds has released version 2024.2 of the Platform to address this vulnerability. Users are strongly advised to upgrade to this version as soon as possible (CERT-EU).

The vulnerability was discovered and reported by Nils Putnins, a penetration tester from the NATO Communications and Information Agency, highlighting the collaborative nature of security research in identifying and addressing potential threats (SecurityWeek).