CVE-2023-40055 – SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-40055
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33227 Network Configuration Manager era susceptible a Directory Traversal Remote Code Execution Vulnerability. Esta vulnerabilidad permite que un usuario de bajo nivel realice acciones con privilegios de SYSTEM. Descubrimos que este problema no se resolvió en CVE-2023-33227. • https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40055 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-40054 – SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-40054
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226 Network Configuration Manager era susceptible a Directory Traversal Remote Code Execution Vulnerability. Esta vulnerabilidad permite que un usuario de bajo nivel realice acciones con privilegios de SYSTEMA. Descubrimos que este problema no se resolvió en CVE-2023-33226. • https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4-1_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40054 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-33228 – SolarWinds Network Configuration Manager Sensitive Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-33228
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information. Network Configuration Manager de SolarWinds era susceptible a la vulnerabilidad de Exposición de Información Confidencial. Esta vulnerabilidad permite a los usuarios con acceso administrativo a SolarWinds Web Console obtener información confidencial. • https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33228 • CWE-311: Missing Encryption of Sensitive Data •
CVE-2023-33227 – Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-33227
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges. Network Configuration Manager era susceptible a una vulnerabilidad de Directory Traversal Remote Code Execution. Esta vulnerabilidad permite a un usuario de bajo nivel realizar acciones con privilegios de SYSTEM. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Configuration Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the SaveResultsToFile method. • https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33227 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-33226 – Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-33226
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. Network Configuration Manager era susceptible a una vulnerabilidad de Directory Traversal Remote Code Execution. Esta vulnerabilidad permite que un usuario de bajo nivel realice acciones con privilegios de SYSTEM. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Configuration Manager. • https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33226 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •