← back
CVE-2023-23843

SolarWinds Platform Incorrect Comparison Vulnerability

CVSS 7.2 HIGHEPSS 2.6%CWE-697
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.2EPSS 2.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
26 Jul 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
SolarWinds · SolarWinds Platform

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3_release_notes.htmhttps://www.solarwinds.com/trust-center/security-advisories/cve-2023-23843