The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution.
https://securityaffairs.com/159294/security/solarwinds-access-rights-manager-flaws.html
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40057
Published: 2024-02-15
Updated: 2024-02-20
Base Score: 7.7
Vector: CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C
Severity: High
Base Score: 9
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity: Critical
EPSS: 0.09495
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability Being Monitored