CVE-2023-23836: 
SolarWinds Platform vulnerability analysis and mitigation

SolarWinds Platform version 2022.4.1 was discovered to contain a Deserialization of Untrusted Data vulnerability, identified as CVE-2023-23836. This security flaw was disclosed on February 15, 2023, and allows remote attackers with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands (NVD, CVE).

The vulnerability is classified as a Deserialization of Untrusted Data issue (CWE-502). It received a CVSS v3.1 base score of 7.2 HIGH with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. The specific flaw exists within the CredentialInitializer function, where proper validation of user-supplied data is lacking, resulting in the deserialization of untrusted data (ZDI Advisory).

Successful exploitation of this vulnerability allows attackers to execute arbitrary code in the context of SYSTEM, potentially leading to complete system compromise. The vulnerability affects confidentiality, integrity, and availability of the system, with all three impact metrics rated as High (ZDI Advisory).

SolarWinds released version 2023.1 to address this vulnerability. Additionally, they recommend following the guidance in the SolarWinds Secure Configuration Guide, including: avoiding exposure of the SolarWinds Platform website on the public internet, disabling unnecessary ports and services, applying proper network segmentation controls, and configuring firewalls to restrict access to port 5671 (Vendor Advisory).