CVE-2023-35181

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 19, 2023

Updated: Oct 25, 2023

CWE ID 276

Summary

CVE-2023-35181 is a privilege escalation vulnerability affecting SolarWinds Access Rights Manager. The issue arises due to incorrect folder permissions, which can be exploited by users to gain elevated privileges beyond their intended level of access. This vulnerability poses a significant risk, as it allows unauthorized users to potentially access and manipulate sensitive data or system configurations. Organizations using SolarWinds Access Rights Manager are strongly urged to apply the available patch to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Solarwinds Access Rights Manager

Affected Vendors

SolarWinds Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzlErT
https://www.cve.org/CVERecord?id=CVE-2023-35181
https://nvd.nist.gov/vuln/detail/CVE-2023-35181

Back to Vulnerability Database