Vulnerability Description
SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited
CVSS Score
8.0
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Solarwinds | Solarwinds Platform | < 2024.1 |
Related Weaknesses (CWE)
References
- https://documentation.solarwinds.com/en/success_center/orionplatform/content/relRelease Notes
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-50395Vendor Advisory
- https://documentation.solarwinds.com/en/success_center/orionplatform/content/relRelease Notes
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-50395Vendor Advisory
FAQ
What is CVE-2023-50395?
CVE-2023-50395 is a vulnerability with a CVSS score of 8.0 (HIGH). SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. This vulnerability requires user authentication to be exploited
How severe is CVE-2023-50395?
CVE-2023-50395 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-50395?
Check the references section above for vendor advisories and patch information. Affected products include: Solarwinds Solarwinds Platform.