Lucene search

[email protected]NVD:CVE-2022-47505

HistoryApr 21, 2023 - 8:15 p.m.

CVE-2022-47505

2023-04-2120:15:07

CWE-269

[email protected]

web.nvd.nist.gov

solarwinds

platform

local privilege

escalation

vulnerability

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

19.9%

JSON

The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This vulnerability allows a local adversary with a valid system user account to escalate local privileges.

Affected configurations

Nvd

Node

solarwindsorion_platformRange<2023.2

VendorProductVersionCPE
solarwindsorion_platform*cpe:2.3:a:solarwinds:orion_platform:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
solarwinds	orion_platform	*	cpe:2.3:a:solarwinds:orion_platform::::::::

References

documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm

www.solarwinds.com/trust-center/security-advisories/cve-2022-47505

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

19.9%

JSON

Related for NVD:CVE-2022-47505

cve1 prion1 zdi1 cvelist1 nessus1