SolarWinds Platform Incorrect Comparison Vulnerability 

(CVE-2023-23843)

Download PDF

Security Advisory Summary

The SolarWinds Platform was found to be susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands.

Affected Products

  • SolarWinds Platform 2023.2.1 and prior versions

Fixed Software Release

Acknowledgments

  • Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative

Advisory Detail

Severity

6.8 Medium

Advisory ID

CVE-2023-23843

First Published

07/18/2023

Last Published

07/18/2023

Fixed Version

SolarWinds Platform 2023.3

CVSS Score

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H