Access Rights Manager
by SolarWinds
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-23479 | Cri | 0.63 | 9.6 | 0.06 | Feb 15, 2024 | SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. | ||
| CVE-2024-23476 | Cri | 0.63 | 9.6 | 0.07 | Feb 15, 2024 | The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution. | ||
| CVE-2024-23478 | Hig | 0.59 | 8.0 | 0.82 | Feb 15, 2024 | SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution. | ||
| CVE-2023-40057 | Cri | 0.59 | 9.0 | 0.04 | Feb 15, 2024 | The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. | ||
| CVE-2023-35187 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2023 | The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution. | ||
| CVE-2023-35184 | Hig | 0.57 | 8.8 | 0.01 | Oct 19, 2023 | The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution. | ||
| CVE-2023-35182 | Hig | 0.57 | 8.8 | 0.02 | Oct 19, 2023 | The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server. | ||
| CVE-2023-35180 | Hig | 0.54 | 8.0 | 0.27 | Oct 19, 2023 | The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API. | ||
| CVE-2024-23477 | Hig | 0.52 | 7.9 | 0.08 | Feb 15, 2024 | The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. | ||
| CVE-2023-35186 | Hig | 0.52 | 8.0 | 0.02 | Oct 19, 2023 | The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution. | ||
| CVE-2023-35183 | Hig | 0.51 | 7.8 | 0.00 | Oct 19, 2023 | The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation. | ||
| CVE-2023-35181 | Hig | 0.51 | 7.8 | 0.00 | Oct 19, 2023 | The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation. | ||
| CVE-2023-35185 | Med | 0.44 | 6.8 | 0.01 | Oct 19, 2023 | The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. | ||
| CVE-2023-40058 | Med | 0.42 | 6.5 | 0.01 | Dec 21, 2023 | Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. |
- risk 0.63cvss 9.6epss 0.06
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution.
- risk 0.63cvss 9.6epss 0.07
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
- risk 0.59cvss 8.0epss 0.82
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution.
- risk 0.59cvss 9.0epss 0.04
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution.
- risk 0.57cvss 8.8epss 0.03
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
- risk 0.57cvss 8.8epss 0.01
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution.
- risk 0.57cvss 8.8epss 0.02
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server.
- risk 0.54cvss 8.0epss 0.27
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API.
- risk 0.52cvss 7.9epss 0.08
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution.
- risk 0.52cvss 8.0epss 0.02
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution.
- risk 0.51cvss 7.8epss 0.00
The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation.
- risk 0.51cvss 7.8epss 0.00
The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation.
- risk 0.44cvss 6.8epss 0.01
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges.
- risk 0.42cvss 6.5epss 0.01
Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.