The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
https://securityaffairs.com/159294/security/solarwinds-access-rights-manager-flaws.html
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-23476
Published: 2024-02-15
Updated: 2024-02-20
Base Score: 8.3
Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C
Severity: High
Base Score: 9.6
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: Critical
EPSS: 0.03601
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability Being Monitored