Total
15 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23478 | 1 Solarwinds | 1 Access Rights Manager | 2024-02-20 | N/A | 8.0 HIGH |
| SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution. | |||||
| CVE-2023-40057 | 1 Solarwinds | 1 Access Rights Manager | 2024-02-20 | N/A | 9.0 CRITICAL |
| The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. | |||||
| CVE-2024-23476 | 1 Solarwinds | 1 Access Rights Manager | 2024-02-20 | N/A | 9.6 CRITICAL |
| The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution. | |||||
| CVE-2024-23477 | 1 Solarwinds | 1 Access Rights Manager | 2024-02-20 | N/A | 9.6 CRITICAL |
| The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. | |||||
| CVE-2024-23479 | 1 Solarwinds | 1 Access Rights Manager | 2024-02-20 | N/A | 9.6 CRITICAL |
| SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. | |||||
| CVE-2023-40058 | 1 Solarwinds | 1 Access Rights Manager | 2024-02-02 | N/A | 6.5 MEDIUM |
| Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. | |||||
| CVE-2023-35185 | 1 Solarwinds | 1 Access Rights Manager | 2023-12-28 | N/A | 6.8 MEDIUM |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. | |||||
| CVE-2023-35187 | 1 Solarwinds | 1 Access Rights Manager | 2023-12-10 | N/A | 9.8 CRITICAL |
| The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution. | |||||
| CVE-2023-35186 | 1 Solarwinds | 1 Access Rights Manager | 2023-12-10 | N/A | 8.8 HIGH |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution. | |||||
| CVE-2023-35183 | 1 Solarwinds | 1 Access Rights Manager | 2023-12-10 | N/A | 7.8 HIGH |
| The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation. | |||||
| CVE-2023-35180 | 1 Solarwinds | 1 Access Rights Manager | 2023-12-10 | N/A | 8.8 HIGH |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API. | |||||
| CVE-2023-35182 | 1 Solarwinds | 1 Access Rights Manager | 2023-12-10 | N/A | 9.8 CRITICAL |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server. | |||||
| CVE-2023-35181 | 1 Solarwinds | 1 Access Rights Manager | 2023-12-10 | N/A | 7.8 HIGH |
| The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation. | |||||
| CVE-2023-35184 | 1 Solarwinds | 1 Access Rights Manager | 2023-12-10 | N/A | 9.8 CRITICAL |
| The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution. | |||||
| CVE-2021-35227 | 1 Solarwinds | 1 Access Rights Manager | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available. | |||||