Insecure Job Execution Mechanism Vulnerability

(CVE-2023-40061)

Summary

Insecure Job Execution Mechanism Vulnerability

Affected Products

SolarWinds Platform 2023.3.1 and previous versions

Fixed Software Release

SolarWinds Platform 2023.4

Acknowledgments

Jakub Brzozowski "redfr0g" (STM Cyber)
Kamil Falkiewicz (STM Cyber)
Szymon Jacek (STM Cyber)

Advisory Details

Severity

7.1 High

Advisory ID

First Published

11/01/2023

Fixed Version

SolarWinds Platform 2023.4

CVSS Score

CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L