The SolarWinds Platform was susceptible to the Command Injection Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform admin account to execute arbitrary commands.
SolarWinds recommends customers upgrade to SolarWinds Platform version 2023.2 as soon as it becomes available. The expected release is by the end of April 2023. SolarWinds also recommends customers to follow the guidance provided in the SolarWinds Secure Configuration Guide. Ensure only authorized users can access the SolarWinds Platform. Special attention should be given to the following points from the documentation:
8.8 High
04/18/2023
04/18/2023
SolarWinds Platform 2023.2