CVE-2023-23840

HIGH Year: 2023
CVSS v3 Score
7.2
High
Weakness Type
CWE-697
View all →

Vulnerability Description

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.

Related Vulnerabilities

CVE-2023-23843

HIGH
CVSS:7.2(High)

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands.

CWE-6972023

CVE-2023-23845

HIGH
CVSS:7.2(High)

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands wi...

CWE-6972023

CVE-2023-33225

HIGH
CVSS:7.2(High)

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands wi...

CWE-6972023

CVE-2024-41958

HIGH
CVSS:7.2(High)

mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated att...

CWE-6972024

CVE-2023-23764

HIGH
CVSS:7.1(High)

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff within the GitHub pull request UI. To do so, an attacker ...

CWE-6972023

CVE-2005-2801

HIGH
CVSS:7.5(High)

xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.

CWE-6972005