Vulnerability Description
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Solarwinds | Network Configuration Manager | < 2023.4 |
Related Weaknesses (CWE)
References
- https://documentation.solarwinds.com/en/success_center/ncm/content/release_notesRelease Notes
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33228Vendor Advisory
- https://documentation.solarwinds.com/en/success_center/ncm/content/release_notesRelease Notes
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33228Vendor Advisory
FAQ
What is CVE-2023-33228?
CVE-2023-33228 is a vulnerability with a CVSS score of 4.5 (MEDIUM). The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Consol...
How severe is CVE-2023-33228?
CVE-2023-33228 has been rated MEDIUM with a CVSS base score of 4.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-33228?
Check the references section above for vendor advisories and patch information. Affected products include: Solarwinds Network Configuration Manager.