CVE-2023-33226 - OpenCVE

The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Solarwinds	Network Configuration Manager

Configuration 1 [-]

cpe:2.3:a:solarwinds:network_configuration_manager:*:*:*:*:*:*:*:*

References

Link	Resource
https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm	Release Notes
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33226	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: SolarWinds

Published: 2023-11-01T15:31:09.130Z

Updated: 2023-11-01T15:31:09.130Z

Reserved: 2023-05-18T17:07:54.138Z

Link: CVE-2023-33226

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-01T16:15:08.213

Modified: 2023-11-09T13:00:14.980

Link: CVE-2023-33226

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-33226", "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "state": "PUBLISHED", "assignerShortName": "SolarWinds", "dateReserved": "2023-05-18T17:07:54.138Z", "datePublished": "2023-11-01T15:31:09.130Z", "dateUpdated": "2023-11-01T15:31:09.130Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Network Configuration Manager", "vendor": "SolarWinds ", "versions": [{"status": "affected", "version": "2023.3.1 and previous versions "}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. "}], "value": "The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. "}], "impacts": [{"capecId": "CAPEC-643", "descriptions": [{"lang": "en", "value": "CAPEC-643 Identify Shared Files/Directories on System"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2023-11-01T15:31:09.130Z"}, "references": [{"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33226"}, {"url": "https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "All Network Configuration Manager customers are advised to upgrade to the latest version of the Network Configuration Manager version 2023.4<br>"}], "value": "All Network Configuration Manager customers are advised to upgrade to the latest version of the Network Configuration Manager version 2023.4\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Directory Traversal Remote Code Execution Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:network_configuration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D609C25-DF3D-4980-92C8-BCEF69BCFF16", "versionEndExcluding": "2023.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. "}, {"lang": "es", "value": "Network Configuration Manager era susceptible a una vulnerabilidad de Directory Traversal Remote Code Execution. Esta vulnerabilidad permite que un usuario de bajo nivel realice acciones con privilegios de SYSTEM."}], "id": "CVE-2023-33226", "lastModified": "2023-11-09T13:00:14.980", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "psirt@solarwinds.com", "type": "Secondary"}]}, "published": "2023-11-01T16:15:08.213", "references": [{"source": "psirt@solarwinds.com", "tags": ["Release Notes"], "url": "https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm"}, {"source": "psirt@solarwinds.com", "tags": ["Vendor Advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33226"}], "sourceIdentifier": "psirt@solarwinds.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "psirt@solarwinds.com", "type": "Primary"}]}