First published: Wed Nov 01 2023(Updated: )
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information.
Credit: psirt@solarwinds.com
Affected Software | Affected Version | How to fix |
---|---|---|
SolarWinds Network Configuration Manager | <2023.4 |
All SolarWinds Network Configuration Manager customers are advised to upgrade to the latest version of the SolarWinds Network Configuration Manager version 2023.4
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-33228 is a vulnerability in SolarWinds Network Configuration Manager that allows users with administrative access to obtain sensitive information.
CVE-2023-33228 has a severity rating of medium (4.5).
The vulnerability can be exploited by users with administrative access to the SolarWinds Web Console.
The affected software version for CVE-2023-33228 is SolarWinds Network Configuration Manager up to version 2023.4.
To fix CVE-2023-33228, it is recommended to update SolarWinds Network Configuration Manager to version 2023.4 or newer.