SolarWinds Platform Access Control Bypass Vulnerability (CVE-2023-3622)

Summary

An Access Control Bypass Vulnerability exists in the SolarWinds Platform that, if exploited, could allow an underprivileged user to read an arbitrary resource.

Affected Products

  • SolarWinds Platform version 2023.2.1 and prior versions

Fixed Software Release

Acknowledgments

  • Alex Shepard

Advisory Details
Severity
Medium
Advisory ID

CVE-2023-3622

First Published
07/18/2023
Last Published
07/18/2023
Fixed Version

SolarWinds Platform 2023.3

CVSS Score

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Download PDF
Send an Email