Vulnerability Details CVE-2024-23467
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.2%
CVSS Severity
CVSS v3 Score 9.6
References
Products affected by CVE-2024-23467
-
cpe:2.3:a:solarwinds:access_rights_manager:-
-
cpe:2.3:a:solarwinds:access_rights_manager:2019.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2020.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2021.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2022.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2022.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.0.73
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.1
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.3
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.4
-
cpe:2.3:a:solarwinds:access_rights_manager:9.1
-
cpe:2.3:a:solarwinds:access_rights_manager:9.2