CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-40054

The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.4%

CVSS Severity

CVSS v3 Score 8.0

References

Products affected by CVE-2023-40054

Solarwinds » Network Configuration Manager » Version: 2020.2.5

cpe:2.3:a:solarwinds:network_configuration_manager:2020.2.5
Solarwinds » Network Configuration Manager » Version: 2023.4

cpe:2.3:a:solarwinds:network_configuration_manager:2023.4
Solarwinds » Network Configuration Manager » Version: 7.2.0

cpe:2.3:a:solarwinds:network_configuration_manager:7.2.0
Solarwinds » Network Configuration Manager » Version: 7.2.1

cpe:2.3:a:solarwinds:network_configuration_manager:7.2.1
Solarwinds » Network Configuration Manager » Version: 7.2.2

cpe:2.3:a:solarwinds:network_configuration_manager:7.2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-40054

Products

Pricing

Contact Us