CVE-2023-50395: 
SolarWinds Platform vulnerability analysis and mitigation

A SQL Injection Remote Code Execution Vulnerability (CVE-2023-50395) was discovered in the SolarWinds Platform. The vulnerability was found using an update statement and requires user authentication to be exploited. The vulnerability affects SolarWinds Platform versions up to (excluding) 2024.1, with the discovery and disclosure date being February 6, 2024 (NVD, SolarWinds Advisory).

The vulnerability exists within the AppendCreatePrimary method and stems from improper validation of user-supplied strings before using them to construct SQL queries. It has been assigned a CVSS v3.1 base score of 8.0 (High) with the vector string CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command) (NVD, ZDI Advisory).

If successfully exploited, the vulnerability allows attackers to execute arbitrary code in the context of SYSTEM on affected installations of the SolarWinds Platform. The impact spans across confidentiality, integrity, and availability, all rated as High according to the CVSS scoring (ZDI Advisory).

SolarWinds has released version 2024.1 of the SolarWinds Platform to address this vulnerability. Organizations are advised to upgrade to this version to mitigate the risk. The update includes not only the fix for this vulnerability but also enhanced security features such as new password requirements for local accounts (Release Notes).