SolarWinds Platform Exposure of Sensitive Information Vulnerability

CVE-2023-23839

6.5MEDIUM

Key Information

Vendor: SolarWinds
Status: SolarWinds Platform
Vendor: CVE Published:; 25 April 2023

Summary

The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information.

Affected Version(s)

SolarWinds Platform < 2023.2

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Apr 25, 2023
Vulnerability Reserved.
Jan 18, 2023

Collectors

NVD DatabaseMitre Database