PT-2023-19247 · Solarwinds · Solarwinds Serv-U

Published

2023-06-15

Updated

2023-08-03

CVE-2023-23841

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SolarWinds Serv-U (affected versions not specified)

Description The issue concerns SolarWinds Serv-U submitting an HTTP request when changing or updating attributes for File Share or File request, where part of the URL of the request discloses sensitive data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2023-23841

Affected Products

Solarwinds Serv-U

PT-2023-19247 · Solarwinds · Solarwinds Serv-U

CVE-2023-23841

Weakness Enumeration

Related Identifiers

Affected Products

References · 6