PT-2023-2270 · Solarwinds · Solarwinds Server/Application Monitor

Published: 2023-02-15 · Updated: 2023-02-24 · CVE-2022-47508

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Solarwinds Server & Application Monitor (affected versions not specified)

Description: The issue is related to weaknesses in the authentication procedure, allowing a remote attacker to bypass authentication and access confidential information using specially crafted NTLM protocol messages. Customers who configured polling via Kerberos did not expect NTLM traffic, but querying data via IP address prevented the use of Kerberos.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Authentication

Related Identifiers

BDU:2023-02031
CVE-2022-47508

Affected Products

Solarwinds Server/Application Monitor