Lucene search
HistoryFeb 06, 2024 - 4:15 p.m.
CVE-2023-35188
cve-2023-35188
sql injection
remote code execution
solarwinds platform
nvd
vulnerability
authentication
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.0%
SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited.
Affected configurations
Node
solarwindssolarwinds_platformRange<2024.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| solarwinds:solarwinds_platform | solarwinds solarwinds platform | lt | 2024.1 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "SolarWinds Platform ",
"vendor": "SolarWinds ",
"versions": [
{
"status": "affected",
"version": "2023.4.2 and previous versions "
}
]
}
]Related
nvd
nvd
CVE-2023-35188
2024-02-06 16:15:51
prion
prion
Remote code execution
2024-02-06 16:15:00
cvelist
cvelist
CVE-2023-35188 SQL Injection Remote Code Execution Vulnerability
2024-02-06 16:00:21
zdi
zdi
nessus
nessus
SolarWinds Platform 2023.4.0 < 2024.1 Multiple Vulnerabilities SQLI
2024-02-08 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.0%
Related for CVE-2023-35188