ID CVE-2018-10241
Summary A denial of service vulnerability in SolarWinds Serv-U before 15.1.6 HFv1 allows an authenticated user to crash the application (with a NULL pointer dereference) via a specially crafted URL beginning with the /Web%20Client/ substring.
References
Vulnerable Configurations
  • cpe:2.3:a:solarwinds:serv-u:15.1.6
    cpe:2.3:a:solarwinds:serv-u:15.1.6
CVSS
Base: 4.0
Impact:
Exploitability:
CWE CWE-476
CAPEC
refmap via4
misc https://www.bishopfox.com/news/2018/05/solarwinds-serv-u-managed-file-transfer-denial-of-service/
Last major update 16-05-2018 - 10:29
Published 16-05-2018 - 10:29
Last modified 20-06-2018 - 10:17
Back to Top