CVE-2024-23479

CVSS 3.1 Score 9.6 of 10 (high)

Details

Published Feb 15, 2024

Updated: Feb 20, 2024

CWE ID 22

Summary

CVE-2024-23479 is a recently disclosed vulnerability affecting SolarWinds Access Rights Manager (ARM). This issue permits an unauthenticated attacker to execute arbitrary code remotely via a Directory Traversal exploit. The vulnerability could lead to significant security risks if exploited, making it essential for organizations using SolarWinds ARM to apply the available patch promptly. This critical security flaw can bypass access control measures, potentially granting unauthorized access and enabling data theft or system damage.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Solarwinds Access Rights Manager

Affected Vendors

SolarWinds Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uiF8-m
https://www.cve.org/CVERecord?id=CVE-2024-23479
https://nvd.nist.gov/vuln/detail/CVE-2024-23479

Back to Vulnerability Database