) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:solarwinds:access_rights_manager:2021.4:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-23479 |
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. Published: February 15, 2024; 4:15:10 PM -0500 |
V3.1: 9.6 CRITICAL V2.0:(not available) |
| CVE-2024-23478 |
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution. Published: February 15, 2024; 4:15:09 PM -0500 |
V3.1: 8.0 HIGH V2.0:(not available) |
| CVE-2024-23477 |
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution. Published: February 15, 2024; 4:15:09 PM -0500 |
V3.1: 9.6 CRITICAL V2.0:(not available) |
| CVE-2024-23476 |
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution. Published: February 15, 2024; 4:15:09 PM -0500 |
V3.1: 9.6 CRITICAL V2.0:(not available) |
| CVE-2023-40057 |
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. Published: February 15, 2024; 4:15:08 PM -0500 |
V3.1: 9.0 CRITICAL V2.0:(not available) |
| CVE-2023-40058 |
Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. Published: December 21, 2023; 12:15:07 PM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-35187 |
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2023-35186 |
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2023-35185 |
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 6.8 MEDIUM V2.0:(not available) |
| CVE-2023-35184 |
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2023-35183 |
The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-35182 |
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server. Published: October 19, 2023; 11:15:09 AM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2023-35181 |
The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation. Published: October 19, 2023; 11:15:08 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-35180 |
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API. Published: October 19, 2023; 11:15:08 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |