Sensitive Data Disclosure Vulnerability

(CVE-2022-47512)

Summary

Sensitive information was stored in plain text in a file. The file is accessible by a local account who specifically has been given access to the application server. This affects SolarWinds Observability Self-Hosted/ SolarWinds Platform 2022.4.

Affected Products

SolarWinds Observability Self-Hosted
SolarWinds Platform 2022.4

Fixed Software Release

SolarWinds Observability Self-Hosted / SolarWinds Platform 2022.4.1

Acknowledgments

Thwack MVP’s

Advisory Details

Severity

6.0 Medium

Advisory ID

CVE-2022-47512

First Published

12/16/2022

Version

SolarWinds Observability Self-Hosted / SolarWinds Platform 2022.4.1

CVSS Score

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N