What is CVE-2023-23844?

CVE-2023-23844 is the vulnerability that affected the SolarWinds Platform, allowing users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges.

What is the severity of CVE-2023-23844?

CVE-2023-23844 has a severity rating of 7.2 (High).

How can I fix CVE-2023-23844?

To fix CVE-2023-23844, it is recommended to apply the necessary security updates provided by SolarWinds.

Where can I find more information about CVE-2023-23844?

You can find more information about CVE-2023-23844 in the SolarWinds security advisories and release notes linked below: - [SolarWinds Security Advisories](https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23844) - [SolarWinds Platform 2023.3 Release Notes](https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3_release_notes.htm)

Vulnerability/
CVE-2023-23844

high

7.2

CWE

697 184

26/7/2023

23/10/2024

CVE-2023-23844: SolarWinds Platform Incomplete List of Disallowed Inputs Vulnerability

Q: How does CVE-2023-23844 impact SolarWinds Platform?

CVE-2023-23844 allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges.

First published: Wed Jul 26 2023(Updated: )

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges.

Credit: psirt@solarwinds.com psirt@solarwinds.com

Affected Software	Affected Version	How to fix
Solarwinds Solarwinds Platform	<2023.3.0

Remedy

All SolarWinds Platform customers are advised to upgrade to the latest version of the SolarWinds Platform version 2023.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2023-23844?
CVE-2023-23844 is the vulnerability that affected the SolarWinds Platform, allowing users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges.
How does CVE-2023-23844 impact SolarWinds Platform?
CVE-2023-23844 allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with SYSTEM privileges.
What is the severity of CVE-2023-23844?
CVE-2023-23844 has a severity rating of 7.2 (High).
How can I fix CVE-2023-23844?
To fix CVE-2023-23844, it is recommended to apply the necessary security updates provided by SolarWinds.
Where can I find more information about CVE-2023-23844?
You can find more information about CVE-2023-23844 in the SolarWinds security advisories and release notes linked below: - [SolarWinds Security Advisories](https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23844) - [SolarWinds Platform 2023.3 Release Notes](https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3_release_notes.htm)

collector/nvd-index
agent/weakness
agent/references
agent/author
agent/type
agent/softwarecombine
collector/nvd-latest
agent/software-canonical-lookup-request
agent/severity
agent/description
collector/nvd-api
collector/mitre-cve
source/MITRE
agent/title
agent/remedy
agent/last-modified-date
agent/tags
agent/first-publish-date
agent/event
vendor/solarwinds
canonical/solarwinds solarwinds platform

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.