CVE-2023-23837

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-23837
No exception handling vulnerability which revealed sensitive or excessive information to users.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2_release_notes.htm Release Notes
https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2_release_notes.htm Release Notes
https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23837 Broken Link Vendor Advisory
https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23837 Broken Link Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:solarwinds:database_performance_analyzer:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
History

04 Feb 2025, 17:15

Type Values Removed Values Added
References (MISC) https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2_release_notes.htm - Release Notes () https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2_release_notes.htm - Release Notes
References (MISC) https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23837 - Broken Link, Vendor Advisory () https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23837 - Broken Link, Vendor Advisory

03 Aug 2023, 21:15

Type Values Removed Values Added
Summary No exception handling vulnerability which revealed sensitive or excessive information to users. No exception handling vulnerability which revealed sensitive or excessive information to users.

04 May 2023, 19:30

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
CWE CWE-755
CPE cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:solarwinds:database_performance_analyzer:*:*:*:*:*:*:*:*
References (MISC) https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2_release_notes.htm - (MISC) https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2_release_notes.htm - Release Notes
References (MISC) https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23837 - (MISC) https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23837 - Broken Link, Vendor Advisory
First Time Solarwinds database Performance Analyzer
Microsoft
Microsoft windows
Solarwinds

25 Apr 2023, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-04-25 18:15

Updated : 2025-02-04 17:15

NVD link : CVE-2023-23837

Mitre link : CVE-2023-23837

JSON object : View

Products Affected

microsoft

  • windows

solarwinds

  • database_performance_analyzer
CWE
CWE-755

Improper Handling of Exceptional Conditions