Vulnerabilities > CVE-2023-40060 - Unspecified vulnerability in Solarwinds Serv-U 15.4.0

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

solarwinds

NVD

Published: 2023-09-07

Updated: 2024-11-21

Summary

A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely fixed in 15.4 Hotfix 1.

Vulnerable Configurations

Part	Description	Count
Application	Solarwinds Solarwinds Serv U 15.4.0	2

References

https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-4-0-Hotfix-2?language=en_US
https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-4-0-Hotfix-2?language=en_US
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40060
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40060