Version 2022.4.1 and prior versions

CVE-2022-47507

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

HIGH CVSS 7.2 Published Feb 15, 2023

CVE-2022-47504

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

HIGH CVSS 7.2 Published Feb 15, 2023

CVE-2022-38111

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

HIGH CVSS 7.2 Published Feb 15, 2023

CVE-2023-23836

SolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands.

HIGH CVSS 7.2 Published Feb 15, 2023