SolarWinds Network Configuration Manager Directory Traversal Vulnerability
(CVE-2023-23842)
Summary
The SolarWinds Network Configuration Manager was found to be susceptible to the Directory Traversal Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands.
Affected Products
- Network Configuration Manager 2023.2.1 and prior versions
Fixed Software Release
Acknowledgments
- Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative
Advisory Details
Severity
6.8 Medium
Advisory ID
First Published
07/18/2023
Last Published
07/18/2023