Arbitrary Code Execution Vulnerability in N-able Technologies N-central Server
CVE-2023-30297

7HIGH

Key Information:

Vendor: N-able
Status: N-central
Vendor: CVE Published:; 4 August 2023

What is CVE-2023-30297?

A vulnerability has been identified in N-able Technologies N-central Server that allows a local attacker to execute arbitrary code through the server's monitoring function. This issue poses a risk by enabling unauthorized control over the server, which can lead to further exploitation of systems and data within the network. Users are advised to upgrade to version 2023.4 or later to mitigate this risk.

References

https://www.n-able.com/

https://status.n-able.com/2023/07/27/cve-2023-30297-relea...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 4, 2023
Vulnerability Reserved
Apr 7, 2023