CVE-2022-47508: Disable NTLM: SAM 2022.4
First published: Wed Feb 15 2023(Updated: )
Customers who had configured their polling to occur via Kerberos did not expect NTLM Traffic on their environment, but since we were querying for data via IP address this prevented us from utilizing Kerberos.
Credit: psirt@solarwinds.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SolarWinds Server and Application Monitor | =2022.4 |
Remedy
All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.1
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-47508?
The severity of CVE-2022-47508 is high with a severity value of 7.5.
How does CVE-2022-47508 affect SolarWinds Server and Application Monitor?
CVE-2022-47508 affects SolarWinds Server and Application Monitor version 2022.4.
What is the impact of CVE-2022-47508?
The impact of CVE-2022-47508 is that customers who had configured their polling to occur via Kerberos did not expect NTLM Traffic on their environment.
How can I fix CVE-2022-47508?
To fix CVE-2022-47508, it is recommended to refer to the release notes of SolarWinds Server and Application Monitor version 2023.1 and apply the necessary updates.
Is there any additional information about CVE-2022-47508?
Yes, you can find more information about CVE-2022-47508 in the security advisories provided by SolarWinds.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/remedy
- agent/first-publish-date
- agent/description
- agent/tags
- agent/event
- vendor/solarwinds
- canonical/solarwinds server and application monitor
- version/solarwinds server and application monitor/2022.4