Access Rights Manager

access_rights_manager

Vendor: Solarwinds • 32 CVEs

CVEs (32)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-23476 1Solarwinds 1Access Rights Manager Nov 21, 2024 Feb 15, 2024 N/A· v4 9.6 CRITICAL· v3 N/A· v2 The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote C...Show more The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution. Show less
CVE-2023-40057 1Solarwinds 1Access Rights Manager Nov 21, 2024 Feb 15, 2024 N/A· v4 9.0 CRITICAL· v3 N/A· v2 The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote c...Show more The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. Show less
CVE-2023-40058 1Solarwinds 1Access Rights Manager Nov 21, 2024 Dec 21, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.
CVE-2023-35187 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
CVE-2023-35186 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution.
CVE-2023-35185 1Solarwinds 1Access Rights Manager Feb 26, 2025 Oct 19, 2023 N/A· v4 6.8 MEDIUM· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges.
CVE-2023-35184 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution.
CVE-2023-35183 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation.
CVE-2023-35182 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server.
CVE-2023-35181 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation.
CVE-2023-35180 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 19, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API.
CVE-2021-35227 1Solarwinds 1Access Rights Manager Nov 21, 2024 Oct 21, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available.

Previous 12