Solarwinds: Security Vulnerabilities
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution.
CVSS Score
9.6
EPSS Score
0.023
Published
2024-07-17
SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM.
CVSS Score
9.6
EPSS Score
0.062
Published
2024-07-17
The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability.
CVSS Score
7.6
EPSS Score
0.0
Published
2024-07-17
SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges.
CVSS Score
9.6
EPSS Score
0.045
Published
2024-07-17
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote code execution.
CVSS Score
9.6
EPSS Score
0.048
Published
2024-07-17
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.
CVSS Score
7.6
EPSS Score
0.005
Published
2024-07-17
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges.
CVSS Score
9.6
EPSS Score
0.182
Published
2024-07-17
The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. This vulnerability allows an unauthenticated user to gain domain admin access within the Active Directory environment.
CVSS Score
8.3
EPSS Score
0.0
Published
2024-07-17
CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
Known exploited
CVSS Score
8.6
EPSS Score
0.944
Published
2024-06-06
The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.
CVSS Score
6.4
EPSS Score
0.065
Published
2024-06-04