Sensitive Data Disclosure in SolarWinds Serv-U File Share and File Request Attribute Changes

Sensitive Data Disclosure in SolarWinds Serv-U File Share and File Request Attribute Changes

CVE-2023-23841 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.  Part of the URL of the request discloses sensitive data. 

Learn more about our Web Application Penetration Testing UK.