Documentation forSolarWinds Platform Self-Hosted

SolarWinds Observability Self-Hosted 2023.4.1 release notes

Release date: November 9, 2023

SolarWinds Observability Self-Hosted 2023.4.1 is a service release providing bug and security fixes for release 2023.4. For information about the 2023.4 release, including EOL notices and upgrade information, see SolarWinds Observability Self-Hosted 2023.4 Release Notes.

Fixes

Case number Description
01334731, 01398556, 01423432, 01429748, 01438215, 01464623

Exporting IP addresses works as expected, even if you log in to the SolarWinds Platform with a SAML account. Exports no longer fail with the message Unhandled Error: Access to the path 'Structure.csv' is denied.

01395989

When both interface-to-interface and node-to-interface topology connections exist between two nodes, an Intelligent Map now correctly shows that the interface-to-interface connection is available.

01446498

If you set a node's Status rollup mode to Worst and an application monitor goes down, the status of the application monitor and the node are now displayed correctly.

CVEs

SolarWinds would like to thank our Security Researchers below for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.

CVE-ID Vulnerability Title Description Severity Credit
CVE-2023-40054 SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226. 8.0 High SolarWinds Security Team
CVE-2023-40055 SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33227. 8.0 High E5 SolarWinds Security Team

Return to top

Legal notices

© 2023 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.