CVE-2023-23844

Published Jul 26, 2023

Last updated a year ago

Overview

Description
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges.
Source
psirt@solarwinds.com
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
7.2
Impact score
5.9
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
CWE-697
psirt@solarwinds.com
CWE-184

Social media

Hype score
Not currently trending

Configurations