CVE-2022-47508

HIGH

SolarWinds Server & Application Monitor - Unauthenticated NTLM Traffic Exposure via IP Address Polling

Description

Customers who had configured their polling to occur via Kerberos did not expect NTLM traffic in their environment, but since we were querying for data via IP address, this prevented us from utilizing Kerberos.

Scores

CVSS v3: 7.5
EPSS: 0.0026
EPSS Percentile: 49.9%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: partial

Details

CWE: CWE-287
Status: published
Products (1): solarwinds/server_and_application_monitor 2022.4
Published: Feb 15, 2023
Tracked Since: Feb 18, 2026