CVE-2024-23469

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-23469
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges.

9.6 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 6.0

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References
Link Resource
https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm Vendor Advisory
https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:solarwinds:access_rights_manager:*:*:*:*:*:*:*:*
History

21 Nov 2024, 08:57

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.8 		v2 : unknown
v3 : 9.6
References () https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm - Vendor Advisory () https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm - Vendor Advisory

10 Sep 2024, 17:51

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.6 		v2 : unknown
v3 : 9.8
First Time Solarwinds access Rights Manager
Solarwinds
CPE cpe:2.3:a:solarwinds:access_rights_manager:*:*:*:*:*:*:*:*
References () https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm - () https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm - Vendor Advisory

18 Jul 2024, 12:28

Type Values Removed Values Added
Summary
  • (es) SolarWinds Access Rights Manager (ARM) es susceptible a una vulnerabilidad de ejecución remota de código. Si se explota, esta vulnerabilidad permite que un usuario no autenticado realice acciones con privilegios de SYSTEM.

17 Jul 2024, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-17 15:15

Updated : 2024-11-21 08:57

NVD link : CVE-2024-23469

Mitre link : CVE-2024-23469

CVE.ORG link : CVE-2024-23469

JSON object : View

Products Affected

solarwinds

  • access_rights_manager
CWE
CWE-20

Improper Input Validation


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024