Vulnerability Details CVE-2023-50395
SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.2%
CVSS Severity
CVSS v3 Score 8.0
References
- https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2024-1_release_notes.htm
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-50395
- https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2024-1_release_notes.htm
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-50395
Products affected by CVE-2023-50395
-
cpe:2.3:a:solarwinds:solarwinds_platform:-
-
cpe:2.3:a:solarwinds:solarwinds_platform:2022.2.0
-
cpe:2.3:a:solarwinds:solarwinds_platform:2022.3.0
-
cpe:2.3:a:solarwinds:solarwinds_platform:2022.4.0
-
cpe:2.3:a:solarwinds:solarwinds_platform:2023.1.0
-
cpe:2.3:a:solarwinds:solarwinds_platform:2023.2.0
-
cpe:2.3:a:solarwinds:solarwinds_platform:2023.3.0
-
cpe:2.3:a:solarwinds:solarwinds_platform:2023.4
-
cpe:2.3:a:solarwinds:solarwinds_platform:2023.4.1
-
cpe:2.3:a:solarwinds:solarwinds_platform:2023.4.2