CNNVD-202511-2107 Information

CNNVD ID

CNNVD-202511-2107

Related CVE

CVE-2025-40545

• CNNVD Published: 2025-11-18

Description (Chinese)

SolarWinds Observability Self-Hosted是美国SolarWinds公司的一款观察平台。 SolarWinds Observability Self-Hosted存在输入验证错误漏洞，该漏洞源于URL清理不当，可能导致开放重定向攻击。

Description (English)

SolarWinds Observability Self-Hosted is an observation platform for SolarWinds in the United States. SolarWinds Observability Self-Hosted had an input verification error loophole, which stemmed from an inappropriate URL clean-up that could lead to open-ended re-directional attacks.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

SolarWinds

Published

2025-11-18

Last Modified

2026-02-24

References

https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/hco_2025-4-1_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40545

Patch

https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/hco_2025-4-1_release_notes.htm