← volver
CVE-2022-47508

Disable NTLM: SAM 2022.4

CVSS 7.5 HIGHEPSS 0.8%CWE-287
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.5EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
15 feb 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Customers who had configured their polling to occur via Kerberos did not expect NTLM Traffic on their environment, but since we were querying for data via IP address this prevented us from utilizing Kerberos.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Productos afectados
SolarWinds · Server & Application Monitor (SAM)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://documentation.solarwinds.com/en/success_center/sam/content/release_notes/sam_2023-1_release_notes.htmhttps://www.solarwinds.com/trust-center/security-advisories/CVE-2022-47508