Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-33224

The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.

Published

2023-07-26T14:15:10.340

Last Modified

2024-11-21T08:05:10.427

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses

Type: Secondary
CWE-696
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	solarwinds	solarwinds_platform	< 2023.3.0	Yes

References

https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3_release_notes.htm Release Notes, Vendor Advisory ([email protected])
https://www.solarwinds.com/trust-center/security-advisories/cve-2023-33224 Vendor Advisory ([email protected])
https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3_release_notes.htm Release Notes, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.solarwinds.com/trust-center/security-advisories/cve-2023-33224 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)