cbcvebase.
CVE-2023-23841
published 2023-06-15

CVE-2023-23841: SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request…

PriorityP340high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.46%
36.2th percentile
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data.

Affected

2 ranges
VendorProductVersion rangeFixed in
solarwindsserv-u< 15.415.4
solarwindsservuprevious versions – 15.3.2
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.