Solarwinds

Access Rights Manager

32 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8

CVE-2024-28991

  • EPSS 30.9%
  • Veröffentlicht 12.09.2024 14:16:06
  • Zuletzt bearbeitet 16.09.2024 18:06:20

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.

8.8

CVE-2024-28990

  • EPSS 0.03%
  • Veröffentlicht 12.09.2024 14:16:06
  • Zuletzt bearbeitet 16.09.2024 18:05:28

SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative...

8.3

CVE-2024-28993

  • EPSS 0.64%
  • Veröffentlicht 17.07.2024 15:15:13
  • Zuletzt bearbeitet 21.11.2024 09:07:20

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.

8.3

CVE-2024-28992

  • EPSS 0.46%
  • Veröffentlicht 17.07.2024 15:15:13
  • Zuletzt bearbeitet 21.11.2024 09:07:20

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.

8.8

CVE-2024-28074

  • EPSS 0.11%
  • Veröffentlicht 17.07.2024 15:15:13
  • Zuletzt bearbeitet 21.11.2024 09:05:45

It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. While some controls were implemented the researcher was able to bypass these and use a different method to exploit the vulnerability.

8.8

CVE-2024-23475

  • EPSS 0.24%
  • Veröffentlicht 17.07.2024 15:15:13
  • Zuletzt bearbeitet 21.11.2024 08:57:47

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.

8.8

CVE-2024-23474

  • EPSS 0.06%
  • Veröffentlicht 17.07.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 08:57:47

The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability.

8

CVE-2024-23472

  • EPSS 7.46%
  • Veröffentlicht 17.07.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 08:57:47

SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM.

8.8

CVE-2024-23471

  • EPSS 1.59%
  • Veröffentlicht 17.07.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 08:57:46

The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution.

8.8

CVE-2024-23470

  • EPSS 1.99%
  • Veröffentlicht 17.07.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 08:57:46

The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables.