Lucene search
HistoryNov 09, 2023 - 3:15 p.m.
CVE-2023-40054
network configuration manager
directory traversal
remote code execution
cve-2023-40054
system privileges
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.008
Percentile
81.7%
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226
Affected configurations
Node
solarwindsnetwork_configuration_managerRange≤2023.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| solarwinds | network_configuration_manager | * | cpe:2.3:a:solarwinds:network_configuration_manager:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
prion
prion
Remote code execution
2023-11-09 15:15:00
Remote code execution
2023-11-01 16:15:00
vulnrichment
vulnrichment
cve
cve
CVE-2023-40054
2023-11-09 15:15:07
CVE-2023-33226
2023-11-01 16:15:08
nvd
nvd
CVE-2023-33226
2023-11-01 16:15:08
zdi
zdi
nessus
nessus
SolarWinds Platform < 2023.4 Multiple Vulnerabilities
2024-02-07 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.008
Percentile
81.7%
Related for NVD:CVE-2023-40054