CVE-2023-23840

Name of the Vulnerable Software and Affected Versions SolarWinds Orion Platform (affected versions not specified)

Description The issue is related to an incorrect comparison vulnerability in the UpdateAction method of the SolarWinds Orion Platform. This vulnerability can be exploited by a remote attacker to execute arbitrary code with NETWORK SERVICE privileges. It affects users with administrative access to the SolarWinds Web Console, allowing them to execute arbitrary commands.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.