CVE-2023-40054 - OpenCVE

The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Solarwinds	Network Configuration Manager

Configuration 1 [-]

cpe:2.3:a:solarwinds:network_configuration_manager:*:*:*:*:*:*:*:*

References

Link	Resource
https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4-1_release_notes.htm	Release Notes Vendor Advisory
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40054	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: SolarWinds

Published: 2023-11-09T15:05:53.355Z

Updated: 2023-11-09T15:05:53.355Z

Reserved: 2023-08-08T23:22:08.618Z

Link: CVE-2023-40054

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-09T15:15:07.910

Modified: 2023-11-17T16:47:04.747

Link: CVE-2023-40054

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-40054", "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "state": "PUBLISHED", "assignerShortName": "SolarWinds", "dateReserved": "2023-08-08T23:22:08.618Z", "datePublished": "2023-11-09T15:05:53.355Z", "dateUpdated": "2023-11-09T15:05:53.355Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Network Configuration Manager", "vendor": "SolarWinds ", "versions": [{"status": "affected", "version": "2023.4 and previous versions"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "SolarWinds Security Team "}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226"}], "value": "The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges.\u00a0We found this issue was not resolved in CVE-2023-33226"}], "impacts": [{"capecId": "CAPEC-643", "descriptions": [{"lang": "en", "value": "CAPEC-643 Identify Shared Files/Directories on System"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds", "dateUpdated": "2023-11-09T15:05:53.355Z"}, "references": [{"url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40054"}, {"url": "https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4-1_release_notes.htm"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "All Network Configuration Manager customers are advised to upgrade to the latest version of the Network Configuration Manager version 2023.4.1<br>"}], "value": "All Network Configuration Manager customers are advised to upgrade to the latest version of the Network Configuration Manager version 2023.4.1\n"}], "source": {"discovery": "UNKNOWN"}, "title": "SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:network_configuration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "326A77F4-FAF0-4F79-8BC3-2E60C124BD52", "versionEndIncluding": "2023.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges.\u00a0We found this issue was not resolved in CVE-2023-33226"}, {"lang": "es", "value": "Network Configuration Manager era susceptible a Directory Traversal Remote Code Execution Vulnerability. Esta vulnerabilidad permite que un usuario de bajo nivel realice acciones con privilegios de SYSTEMA. Descubrimos que este problema no se resolvi\u00f3 en CVE-2023-33226."}], "id": "CVE-2023-40054", "lastModified": "2023-11-17T16:47:04.747", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "psirt@solarwinds.com", "type": "Secondary"}]}, "published": "2023-11-09T15:15:07.910", "references": [{"source": "psirt@solarwinds.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4-1_release_notes.htm"}, {"source": "psirt@solarwinds.com", "tags": ["Vendor Advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40054"}], "sourceIdentifier": "psirt@solarwinds.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "psirt@solarwinds.com", "type": "Primary"}]}