CVE-2023-23837 - OpenCVE

No exception handling vulnerability which revealed sensitive or excessive information to users.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Solarwinds	Database Performance Analyzer
Microsoft	Windows

Configuration 1 [-]

AND

cpe:2.3:a:solarwinds:database_performance_analyzer:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2_release_notes.htm	Release Notes
https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23837	Broken Link Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: SolarWinds

Published: 2023-04-25T00:00:00

Updated: 2023-08-03T20:15:05.524Z

Reserved: 2023-01-18T00:00:00

Link: CVE-2023-23837

JSON object: View

NVD Information

Status : Modified

Published: 2023-04-25T18:15:09.300

Modified: 2023-08-03T21:15:13.427

Link: CVE-2023-23837

JSON object: View

Redhat Information

No data.

CWE

CWE-755

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-23837", "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "assignerShortName": "SolarWinds", "dateUpdated": "2023-08-03T20:15:05.524Z", "dateReserved": "2023-01-18T00:00:00", "datePublished": "2023-04-25T00:00:00"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Database Performance Analyzer", "vendor": "SolarWinds", "versions": [{"status": "affected", "version": "2022.3 and previous versions"}]}], "datePublic": "2023-04-24T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>No exception handling vulnerability which revealed sensitive or excessive information to users.</p>"}], "value": "No exception handling vulnerability which revealed sensitive or excessive information to users.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"description": "No Exception Handling Vulnerability: Database Performance Analyzer (DPA) 2023.1", "lang": "en"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2023-08-03T20:15:05.524Z"}, "references": [{"url": "https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2_release_notes.htm"}, {"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23837"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>SolarWinds recommends upgrading to the latest version of DPA as soon as it becomes available.</p>"}], "value": "SolarWinds recommends upgrading to the latest version of DPA as soon as it becomes available.\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "No Exception Handling Vulnerability: Database Performance Analyzer (DPA) 2023.1", "x_generator": {"engine": "vulnogram 0.1.0-rc1"}}}}