The French Computer Emergency Response Team (CERT-FR) has issued a warning regarding several vulnerabilities identified in SolarWinds products. These vulnerabilities expose systems to potential breaches of data confidentiality and remote arbitrary code execution. The impacted systems include SolarWinds Network Configuration Manager (versions before 2023.4) and SolarWinds Platform (versions before 2023.4). Users are advised to consult SolarWinds’ security bulletins for the necessary patches.
References to Common Vulnerabilities and Exposures (CVE) are as follows:
- CVE-2023-33227
- CVE-2023-33228
- CVE-2023-40061
- CVE-2023-40062