Lucene search

PRIOn knowledge basePRION:CVE-2023-23841

HistoryJun 15, 2023 - 10:15 p.m.

Cross site request forgery (csrf)

2023-06-1522:15:00

PRIOn knowledge base

www.prio-n.com

cross site request forgery

solarwinds serv-u

http request

sensitive data disclosure

file share

file request

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.8%

JSON

SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.? Part of the URL of the request discloses sensitive data.

CPENameOperatorVersion
serv-ult15.4

CPE	Name	Operator	Version
	serv-u	lt	15.4

References

documentation.solarwinds.com/en/success_center/servu/content/release_notes/serv-u_15-4_release_notes.htm

www.solarwinds.com/trust-center/security-advisories/CVE-2023-23841