7.2 CVSS

CVE-2023-33225

RCE

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges.

EPSS: 0.21%

Severity: HIGH

Jul 26, 2023

7.2 CVSS

CVE-2023-33224

RCE

The SolarWinds Platform was susceptible to the Incorrect Behavior Order Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.

EPSS: 0.25%

Severity: HIGH

Jul 26, 2023

7.2 CVSS

CVE-2023-23844

RCE

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges.

EPSS: 0.22%

Severity: HIGH

Jul 26, 2023

7.2 CVSS

CVE-2023-23843

RCE

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands.

EPSS: 0.21%

Severity: HIGH

Jul 26, 2023

6.5 CVSS

CVE-2023-23839

The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information.

EPSS: 2.35%

Severity: MEDIUM

Apr 25, 2023

5.5 CVSS

CVE-2022-47512

Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected

EPSS: 0.21%

Severity: MEDIUM

Dec 19, 2022

6.1 CVSS

CVE-2022-36965

Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).

EPSS: 2.60%

Severity: MEDIUM

Sep 30, 2022

solarwinds_platform

Security Vulnerability Index