Vulnerability Details CVE-2023-35184
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.106
EPSS Ranking 92.9%
CVSS Severity
CVSS v3 Score 8.8
References
- https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35184
- https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35184
Products affected by CVE-2023-35184
-
cpe:2.3:a:solarwinds:access_rights_manager:-
-
cpe:2.3:a:solarwinds:access_rights_manager:2019.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2020.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2021.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2022.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2022.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.0.73
-
cpe:2.3:a:solarwinds:access_rights_manager:9.1
-
cpe:2.3:a:solarwinds:access_rights_manager:9.2