CVE-2024-28995 - Vulnerability Details - OpenCVE

SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is in the KEV database since July 17, 2024.

The EPSS score is 0.94354.

Exploitation active

Automatable yes

Technical Impact partial

Vendors	Products
Solarwinds Subscribe	Serv-u Subscribe

Configuration 1 [-]

OR	cpe:2.3:a:solarwinds:serv-u::::::::
	cpe:2.3:a:solarwinds:serv-u:15.4.2:-::::::
	cpe:2.3:a:solarwinds:serv-u:15.4.2:hotfix1::::::

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.4.2 HF 2 as soon as it becomes available.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995

History

Wed, 22 Oct 2025 08:30:00 +0900

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995

Wed, 22 Oct 2025 05:30:00 +0900

Type	Values Removed	Values Added
References	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995

Wed, 22 Oct 2025 04:30:00 +0900

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995

Wed, 30 Jul 2025 11:15:00 +0900

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 15 Jul 2025 22:45:00 +0900

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.94367}`	epss `{'score': 0.94376}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: SolarWinds

Published: 2024-06-06T09:01:23.314Z

Updated: 2025-10-21T23:05:16.763Z

Reserved: 2024-03-13T20:27:09.783Z

Link: CVE-2024-28995

Vulnrichment

Updated: 2024-08-02T01:03:51.459Z

NVD

Status : Analyzed

Published: 2024-06-06T09:15:14.167

Modified: 2025-10-27T17:01:34.100

Link: CVE-2024-28995

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-22

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-28995", "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "state": "PUBLISHED", "assignerShortName": "SolarWinds", "dateReserved": "2024-03-13T20:27:09.783Z", "datePublished": "2024-06-06T09:01:23.314Z", "dateUpdated": "2025-10-21T23:05:16.763Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "SolarWinds Serv-U ", "vendor": "SolarWinds ", "versions": [{"status": "affected", "version": "15.4.2 HF 1 and previous versions"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Hussein Daher"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n\n\n\n\n\n\n\n\n\n\n\nSolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. <p> </p>\n\n\n\n\n\n"}], "value": "\n\n\n\n\n\n\n\n\n\n\n\nSolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. \n\n\n\n\n\n\n\n"}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2024-06-06T09:01:23.314Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<br>SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.4.2 HF 2 as soon as it becomes available.<br> <br><br>"}], "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.4.2 HF 2 as soon as it becomes available.\n \n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "SolarWinds Serv-U L Directory Transversal Vulnerability ", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-28995", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-17T16:46:00.595482Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-07-17", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995"}}}], "affected": [{"cpes": ["cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*"], "vendor": "solarwinds", "product": "serv-u", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "15.4.2_hf_1"}], "defaultStatus": "unknown"}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995", "tags": ["government-resource"]}], "timeline": [{"time": "2024-07-17T00:00:00+00:00", "lang": "en", "value": "CVE-2024-28995 added to CISA KEV"}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-21T23:05:16.763Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:03:51.459Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995"}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-28995", "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "state": "PUBLISHED", "assignerShortName": "SolarWinds", "dateReserved": "2024-03-13T20:27:09.783Z", "datePublished": "2024-06-06T09:01:23.314Z", "dateUpdated": "2025-07-28T19:43:10.709Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "SolarWinds Serv-U ", "vendor": "SolarWinds ", "versions": [{"status": "affected", "version": "15.4.2 HF 1 and previous versions"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Hussein Daher"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n\n\n\n\n\n\n\n\n\n\n\nSolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. <p> </p>\n\n\n\n\n\n"}], "value": "\n\n\n\n\n\n\n\n\n\n\n\nSolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. \n\n\n\n\n\n\n\n"}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2024-06-06T09:01:23.314Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<br>SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.4.2 HF 2 as soon as it becomes available.<br> <br><br>"}], "value": "SolarWinds recommends that customers upgrade to SolarWinds Serv-U 15.4.2 HF 2 as soon as it becomes available.\n \n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "SolarWinds Serv-U L Directory Transversal Vulnerability ", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:03:51.459Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-28995", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-17T16:46:00.595482Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-07-17", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995"}}}], "affected": [{"cpes": ["cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*"], "vendor": "solarwinds", "product": "serv-u", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "15.4.2_hf_1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-10T13:06:44.945Z"}, "timeline": [{"time": "2024-07-17T00:00:00+00:00", "lang": "en", "value": "CVE-2024-28995 added to CISA KEV"}], "title": "CISA ADP Vulnrichment"}]}}

{"cisaActionDue": "2024-08-07", "cisaExploitAdd": "2024-07-17", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "SolarWinds Serv-U Path Traversal Vulnerability ", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4075BBF-2BC5-494C-81ED-AC85AD8D30CF", "versionEndExcluding": "15.4.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:serv-u:15.4.2:-:*:*:*:*:*:*", "matchCriteriaId": "60A6B282-872E-4228-A884-5DC5B44046BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:serv-u:15.4.2:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "EBDF03FF-C508-42BD-9B70-9F972A14087B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\n\n\n\n\n\n\n\n\n\n\n\nSolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. \n\n\n\n\n\n\n\n"}, {"lang": "es", "value": "SolarWinds Serv-U era susceptible a una vulnerabilidad directory transversal que permitir\u00eda el acceso para leer archivos confidenciales en la m\u00e1quina host."}], "id": "CVE-2024-28995", "lastModified": "2025-10-27T17:01:34.100", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "psirt@solarwinds.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-06T09:15:14.167", "references": [{"source": "psirt@solarwinds.com", "tags": ["Vendor Advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28995"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["US Government Resource"], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28995"}], "sourceIdentifier": "psirt@solarwinds.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "psirt@solarwinds.com", "type": "Secondary"}]}