Show filters
34 Total Results
Displaying 11-20 of 34
Sort by:
Attacker Value
Unknown
CVE-2024-23474
Disclosure Date: July 17, 2024 (last updated September 11, 2024)
The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability.
0
Attacker Value
Unknown
CVE-2024-23472
Disclosure Date: July 17, 2024 (last updated August 23, 2024)
SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM.
0
Attacker Value
Unknown
CVE-2024-23471
Disclosure Date: July 17, 2024 (last updated September 11, 2024)
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution.
0
Attacker Value
Unknown
CVE-2024-23470
Disclosure Date: July 17, 2024 (last updated September 12, 2024)
The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables.
0
Attacker Value
Unknown
CVE-2024-23469
Disclosure Date: July 17, 2024 (last updated September 11, 2024)
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges.
0
Attacker Value
Unknown
CVE-2024-23468
Disclosure Date: July 17, 2024 (last updated August 23, 2024)
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.
0
Attacker Value
Unknown
CVE-2024-23467
Disclosure Date: July 17, 2024 (last updated August 23, 2024)
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote code execution.
0
Attacker Value
Unknown
CVE-2024-23466
Disclosure Date: July 17, 2024 (last updated August 23, 2024)
SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges.
0
Attacker Value
Unknown
CVE-2024-23465
Disclosure Date: July 17, 2024 (last updated September 11, 2024)
The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. This vulnerability allows an unauthenticated user to gain domain admin access within the Active Directory environment.
0
Attacker Value
Unknown
CVE-2024-28075
Disclosure Date: May 14, 2024 (last updated February 11, 2025)
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution.
We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities.
0
