📦

access_rights_manager

Vendor: solarwinds

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 19 Remote Access
Total CVEs 32 Total Indexed
Avg. EPSS 9.07% Exploit Prob.
Latest CVE CVE-2024-28991 Sep 12

Security Vulnerability Index

Page 3 / 4
9.6 CVSS
CVE-2024-23476
RCE

The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution.

EPSS: 1.94%
9.0 CVSS
CVE-2023-40057
RCE

The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution.

EPSS: 11.68%
6.5 CVSS
CVE-2023-40058

Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.

EPSS: 0.27%
8.8 CVSS
CVE-2023-35187
RCE

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution.

EPSS: 2.02%
8.0 CVSS
CVE-2023-35186
RCE

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution.

EPSS: 9.61%
6.8 CVSS
CVE-2023-35185

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges.

EPSS: 0.15%
8.8 CVSS
CVE-2023-35184
RCE

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution.

EPSS: 10.60%
7.8 CVSS
CVE-2023-35183

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation.

EPSS: 0.08%
8.8 CVSS
CVE-2023-35182
RCE

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server.

EPSS: 4.65%
7.8 CVSS
CVE-2023-35181

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation.

EPSS: 0.11%