Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-23840

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.

Published

2023-09-13T23:15:07.820

Last Modified

2024-11-21T07:46:55.937

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Primary
CWE-697
Type: Secondary
CWE-697

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	solarwinds	orion_platform	< 2023.3.1	Yes

References

https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm Vendor Advisory ([email protected])
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23840 Vendor Advisory ([email protected])
https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23840 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)