SolarWinds Platform Access Control Bypass Vulnerability 

(CVE-2023-3622)

Download PDF

Summary

An Access Control Bypass Vulnerability exists in the SolarWinds Platform that, if exploited, could allow an underprivileged user to read an arbitrary resource.

Affected Products

  • SolarWinds Platform version 2023.2.1 and prior versions

Fixed Software Release

Acknowledgments

  • Alex Shepard

Advisory Details

Severity

4.6 Medium

Advisory ID

CVE-2023-3622

First Published

07/18/2023

Last Published

07/18/2023

Fixed Version

SolarWinds Platform 2023.3

CVSS Score

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L