exploitDog

CVE-2023-23838

Опубликовано: 25 апр. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server.

Ссылки

https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2_release_notes.htm
Release Notes
https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23838
Broken Link
Vendor Advisory
https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2_release_notes.htm
Release Notes
https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23838
Broken Link
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:solarwinds:database_performance_analyzer:*:*:*:*:*:*:*:*

Версия до 2023.2 (исключая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.0076

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22

CWE-22

Связанные уязвимости

GHSA-jg2w-28qh-4f7h

CVSS3: 4

github

почти 3 года назад

Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server.

EPSS

Процентиль: 73%

0.0076

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22

CWE-22