Solarwinds · Solarwinds Platform · CVE-2022-36966
**Name of the Vulnerable Software and Affected Versions**
SolarWinds Platform versions 2022.3 and previous
**Description**
The issue is related to insufficient control on a URL parameter, causing an insecure direct object reference (IDOR) vulnerability. This allowed users with Node Management rights to view and edit all nodes.
**Recommendations**
For SolarWinds Platform versions 2022.3 and previous, update to a version that includes a fix for the insecure direct object reference vulnerability. As a temporary workaround, consider restricting Node Management rights to minimize the risk of exploitation.