Headline
CVE-2022-38115: SolarWinds Trust Center Security Advisories | CVE-2022-38115
Insecure method vulnerability in which allowed HTTP methods are disclosed. E.g., OPTIONS, DELETE, TRACE, and PUT
Summary
Insecure method vulnerability in which allowed HTTP methods are disclosed. E.g., OPTIONS, DELETE, TRACE, and PUT
Affected Products
- SEM 2022.2 and previous versions
Fixed Software Release
- SEM 2022.4
Related news
CVE-2022-38114: SEM 2022.4 Release Notes
This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.