Vulnerability Details CVE-2023-35182
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.046
EPSS Ranking 89.0%
CVSS Severity
CVSS v3 Score 8.8
References
- https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35182
- https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35182
Products affected by CVE-2023-35182
-
cpe:2.3:a:solarwinds:access_rights_manager:-
-
cpe:2.3:a:solarwinds:access_rights_manager:2019.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2020.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2021.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2022.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2022.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.0.73
-
cpe:2.3:a:solarwinds:access_rights_manager:9.1
-
cpe:2.3:a:solarwinds:access_rights_manager:9.2