CVE-2023-33228

SolarWinds Network Configuration Manager Sensitive Information Disclosure Vulnerability

CVSS 4.5 MEDIUMEPSS 0.4%CWE-311

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 4.5EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

01 nov 2023Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information.

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Produtos afetados

SolarWinds · Network Configuration Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33228