CVE-2023-23839

MEDIUM

SolarWinds Platform - Info Disclosure

Title source: llm

Description

The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information.

References (2)

Core 2

Core References

Release Notes

https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm

Vendor Advisory

https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23839

Scores

CVSS v3 6.5

EPSS 0.0235

EPSS Percentile 85.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (1)

solarwinds/solarwinds_platform < 2023.2.0

Published Apr 25, 2023

Tracked Since Feb 18, 2026