Lucene search
SolarWindsCVE-2023-40062HistoryNov 01, 2023 - 4:15 p.m.
CVE-2023-40062
2023-11-0116:15:08
CWE-20
SolarWinds
web.nvd.nist.gov
41
solarwinds
cve
2023
40062
rce
vulnerability
nvd
security
exploit
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
9.1
Confidence
High
EPSS
0.002
Percentile
57.9%
SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability would allow a low-privileged user to execute commands with SYSTEM privileges.
Affected configurations
Node
solarwindssolarwinds_platformRange<2023.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| solarwinds | solarwinds_platform | * | cpe:2.3:a:solarwinds:solarwinds_platform:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "SolarWinds Platform ",
"vendor": "SolarWinds ",
"versions": [
{
"status": "affected",
"version": "2023.3.1 and previous versions "
}
]
}
]Related
cvelist
cvelist
prion
prion
Remote code execution
2023-11-01 16:15:00
zdi
zdi
vulnrichment
vulnrichment
nvd
nvd
CVE-2023-40062
2023-11-01 16:15:08
nessus
nessus
SolarWinds Platform 2023.3.x < 2023.4 Multiple Vulnerabilities
2023-11-03 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
9.1
Confidence
High
EPSS
0.002
Percentile
57.9%
Related for CVE-2023-40062