CVE-2023-23840

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Sep 13, 2023
Updated: Dec 28, 2023
CWE ID 697

Summary

CVE-2023-23840, also known as the Incorrect Comparison Vulnerability, affects the SolarWinds Platform. This vulnerability allows users with administrative access to the SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges. The affected products include lLfJdw, ZT_lhg, ZT_lhh, lLfJdv, ZT_lhi, ZT_lhj, and more. The potential danger posed to an organization is high, as it can lead to unauthorized access and control over sensitive systems and data. To remediate this vulnerability, organizations should apply the necessary patches and updates provided by SolarWinds to address this security flaw.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-23840 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options