What is CVE-2022-38115?

CVE-2022-38115 is a medium-severity vulnerability in Solarwinds Sem, classified under Trusting HTTP Permission Methods on the Server Side. CVSS score: 5.3/10. Published 2022-11-23.

How severe is CVE-2022-38115?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Solarwinds Sem

CVE-2022-38115

Insecure method vulnerability in which allowed HTTP methods are disclosed. E.g., OPTIONS, DELETE, TRACE, and PUT

EPSS: 0.015 (81.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Solarwinds Sem — versions 2022.2 and previous versions

Weakness classification (CWE)

CWE-650 — Trusting HTTP Permission Methods on the Server Side

References

documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_20…
www.solarwinds.com/trust-center/security-advisories/CVE-2022-38115

Frequently asked questions

What is CVE-2022-38115?: CVE-2022-38115 is a medium-severity vulnerability in Solarwinds Sem, classified under Trusting HTTP Permission Methods on the Server Side. CVSS score: 5.3/10. Published 2022-11-23.
How severe is CVE-2022-38115?: Medium severity. CVSS v3 base score is 5.3 out of 10.