{"vulnerability": "CVE-2023-2383", "sightings": [{"uuid": "a5c02852-4037-4c9d-9db3-07ba136aa697", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23831", "type": "seen", "source": "https://gist.github.com/alon710/e37d2547f94caa98a9dc8481904a9195", "content": "", "creation_timestamp": "2026-01-24T21:22:47.000000Z"}, {"uuid": "0ce87eba-7d28-4bed-a942-191c2914156c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23831", "type": "seen", "source": "https://gist.github.com/alon710/a9ecb519c88d3e48ea274150847b2f2a", "content": "", "creation_timestamp": "2026-01-24T22:18:23.000000Z"}, {"uuid": "7b544fea-30ee-469d-9838-9b18cb548270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23831", "type": "seen", "source": "https://gist.github.com/alon710/07ffe3f71eb5ee388c1afbc41406b2ab", "content": "", "creation_timestamp": "2026-01-24T22:18:20.000000Z"}, {"uuid": "442c83a3-13b1-411c-9fb9-b2277ee6fb09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23834", "type": "seen", "source": "Telegram/OARnK3EMe2Cw1xcgbMRyZExkmxC_ytNPA-Jbdcf3oc4A1R4Q", "content": "", "creation_timestamp": "2025-03-02T11:46:31.000000Z"}, {"uuid": "0fc0be2d-c842-4c7d-9171-09cdfd8311c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23836", "type": "seen", "source": "https://t.me/true_secator/4088", "content": "SolarWinds \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043a \u043a\u043e\u043d\u0446\u0443 \u0444\u0435\u0432\u0440\u0430\u043b\u044f.\n\n\u0418\u0437 \u0441\u0435\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u044f\u0442\u044c \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0441 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434.\u00a0\u0427\u0435\u0442\u044b\u0440\u0435 \u0438\u0437 \u043d\u0438\u0445 \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 8,8.\n\nCVE-2023-23836, CVE-2022-47503, CVE-2022-47504 \u0438 CVE-2022-47507 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0443\u0440\u043e\u0432\u043d\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 Orion \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u0435\u0431-\u043a\u043e\u043d\u0441\u043e\u043b\u0438 SolarWinds \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u041f\u044f\u0442\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 CVE-2022-38111 SolarWinds \u0441\u0447\u0438\u0442\u0430\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0445\u043e\u0442\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0430\u043a\u0438\u0435 \u0436\u0435.\u00a0\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u0435\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 7,2.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u0434\u043b\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 SolarWinds, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-47506 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 8,8).\n\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u041f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 SolarWinds 2023.1, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043a\u0430\u043a \u043e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0441\u0442\u0430\u043d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043a \u043a\u043e\u043d\u0446\u0443 \u043c\u0435\u0441\u044f\u0446\u0430, \u0431\u0443\u0434\u0435\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u0435\u0439. \u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u044d\u0442\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u043d\u0430 \u0441\u0442\u0430\u043d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, SolarWinds \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0441 Server &amp; Application Monitor 2022.4, \u0438\u0437-\u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 Kerberos \u043d\u0435\u043b\u044c\u0437\u044f \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441 NTLM.\n\n\u041a\u043b\u0438\u0435\u043d\u0442\u044b, \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0432\u0448\u0438\u0435 \u043e\u043f\u0440\u043e\u0441 \u0447\u0435\u0440\u0435\u0437 Kerberos, \u043d\u0435 \u043e\u0436\u0438\u0434\u0430\u043b\u0438 NTLM-\u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0441\u0440\u0435\u0434\u0435, \u043d\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043c\u044b \u0437\u0430\u043f\u0440\u0430\u0448\u0438\u0432\u0430\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u0447\u0435\u0440\u0435\u0437 IP-\u0430\u0434\u0440\u0435\u0441, \u044d\u0442\u043e \u043d\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Kerberos. \u041e\u0436\u0438\u0434\u0430\u0435\u043c\u044b\u0439 Hybrid Cloud Observability 2023.1 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u044d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a.\n\nSolarWinds \u043d\u0435 \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u043b\u0430 \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.", "creation_timestamp": "2023-02-20T11:30:07.000000Z"}, {"uuid": "86373992-9d31-4408-be55-0d87603cee4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23833", "type": "seen", "source": "https://t.me/cibsecurity/67232", "content": "\u203c CVE-2023-23833 \u203c\n\nAuth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steven Henty Drop Shadow Boxes plugin &lt;=\u00c2\u00a01.7.10 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T16:26:49.000000Z"}, {"uuid": "4f379e09-82ee-40f0-90d1-0c6a6e5d961c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23830", "type": "seen", "source": "https://t.me/cibsecurity/63235", "content": "\u203c CVE-2023-23830 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin &lt;=\u00c2\u00a04.5.4 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T20:31:10.000000Z"}, {"uuid": "956b2761-e1fb-4692-a457-cdfe2746e24c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23839", "type": "seen", "source": "https://t.me/cibsecurity/62857", "content": "\u203c CVE-2023-23839 \u203c\n\nThe SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-26T00:25:18.000000Z"}, {"uuid": "0cbbe0cc-8a85-4846-a70a-5031fdfcacce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23837", "type": "seen", "source": "https://t.me/cibsecurity/62839", "content": "\u203c CVE-2023-23837 \u203c\n\nNo exception handling vulnerability which revealed sensitive or excessive information to users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-25T22:25:26.000000Z"}, {"uuid": "389d186b-10cf-4f40-8729-d9c4f44cf83f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23836", "type": "seen", "source": "https://t.me/cibsecurity/58275", "content": "\u203c CVE-2023-23836 \u203c\n\nSolarWinds Platform version 2022.4.1 was found to be susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T22:36:56.000000Z"}, {"uuid": "81731d39-d919-491a-ae30-7f382fd9a7dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23835", "type": "seen", "source": "https://t.me/cibsecurity/58074", "content": "\u203c CVE-2023-23835 \u203c\n\nA vulnerability has been identified in Mendix Applications using Mendix 7 (All versions &lt; V7.23.34), Mendix Applications using Mendix 8 (All versions &lt; V8.18.23), Mendix Applications using Mendix 9 (All versions &lt; V9.22.0), Mendix Applications using Mendix 9 (V9.12) (All versions &lt; V9.12.10), Mendix Applications using Mendix 9 (V9.18) (All versions &lt; V9.18.4), Mendix Applications using Mendix 9 (V9.6) (All versions &lt; V9.6.15). Some of the Mendix runtime API\u00e2\u20ac\u2122s allow attackers to bypass XPath constraints and retrieve information using XPath queries that trigger errors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T14:35:45.000000Z"}]}