vulnerability

SolarWinds Orion Platform: SolarWinds Platform Exposed Dangerous Method Vulnerability (CVE-2023-23840)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:M/C:C/I:C/A:C)	Sep 13, 2023	Sep 21, 2023	Jan 28, 2025

Severity

CVSS

(AV:N/AC:L/Au:M/C:C/I:C/A:C)

Published

Sep 13, 2023

Added

Sep 21, 2023

Modified

Jan 28, 2025

Description

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.

Solution

solarwinds-orion-platform-upgrade-latest

References

CVE-2023-23840
https://attackerkb.com/topics/CVE-2023-23840
URL-https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm
URL-https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23840

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today