Vulnerability Details CVE-2023-35187
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.02
EPSS Ranking 82.9%
CVSS Severity
CVSS v3 Score 8.8
References
- https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm
- https://https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35187
- https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm
- https://https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35187
Products affected by CVE-2023-35187
-
cpe:2.3:a:solarwinds:access_rights_manager:-
-
cpe:2.3:a:solarwinds:access_rights_manager:2019.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2020.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2021.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2022.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2022.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.0.73
-
cpe:2.3:a:solarwinds:access_rights_manager:9.1
-
cpe:2.3:a:solarwinds:access_rights_manager:9.2