CVE-2023-23843

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jul 26, 2023
Updated: Aug 3, 2023
CWE ID 697

Summary

CVE-2023-23843 is a vulnerability affecting the SolarWinds Platform. This issue involves an Incorrect Comparison vulnerability, which enables users with administrative access to the SolarWinds Web Console to execute arbitrary commands due to insufficient input validation. This vulnerability could potentially lead to unauthorized system access and manipulation. SolarWinds has released a patch to address this issue, and it is highly recommended that users install it promptly to secure their systems. Unpatched installations remain at risk of being exploited.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SolarWinds Platform

Affected Vendors

  • SolarWinds Inc.