Vulnerability Details CVE-2024-28991
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.397
EPSS Ranking 97.1%
CVSS Severity
CVSS v3 Score 9.0
References
Products affected by CVE-2024-28991
-
cpe:2.3:a:solarwinds:access_rights_manager:-
-
cpe:2.3:a:solarwinds:access_rights_manager:2019.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2020.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2021.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2022.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2022.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.0.73
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.1
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.2
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.3
-
cpe:2.3:a:solarwinds:access_rights_manager:2023.2.4
-
cpe:2.3:a:solarwinds:access_rights_manager:2024.3
-
cpe:2.3:a:solarwinds:access_rights_manager:9.1
-
cpe:2.3:a:solarwinds:access_rights_manager:9.2