CVE-2023-40057

CVSS 3.1 Score 9.0 of 10 (high)

Details

Published Feb 15, 2024

Updated: Feb 20, 2024

CWE ID 502

Summary

CVE-2023-40057 refers to a Remote Code Execution vulnerability in SolarWinds Access Rights Manager. This issue allows authenticated users to misuse a SolarWinds service, leading to remote code execution. Exploitation of this vulnerability could result in significant security implications, such as unauthorized system access or data theft. Organizations using SolarWinds Access Rights Manager are strongly advised to apply the available patch or implement alternative mitigations to protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Solarwinds Access Rights Manager

Affected Vendors

SolarWinds Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sRV62o
https://www.cve.org/CVERecord?id=CVE-2023-40057
https://nvd.nist.gov/vuln/detail/CVE-2023-40057

Back to Vulnerability Database