Vulnerability Description
A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Solarwinds | Serv-U | 15.4.0 |
Related Weaknesses (CWE)
References
- https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-4-Hotfix-1?langRelease Notes
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35179Broken Link
- https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-4-Hotfix-1?langRelease Notes
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35179Broken Link
FAQ
What is CVE-2023-35179?
CVE-2023-35179 is a vulnerability with a CVSS score of 7.2 (HIGH). A vulnerability has been identified within Serv-U 15.4 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U t...
How severe is CVE-2023-35179?
CVE-2023-35179 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-35179?
Check the references section above for vendor advisories and patch information. Affected products include: Solarwinds Serv-U.