Skip to main content

Access Rights Manager

31 CVEs product

Monthly

CVE-2024-28991 HIGH This Week

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Deserialization RCE Access Rights Manager
NVD
CVSS 3.1
8.0
EPSS
3.1%
CVE-2024-28990 HIGH This Week

SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential authentication bypass vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Trend Micro Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-28993 HIGH This Week

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Access Rights Manager
NVD
CVSS 3.1
8.3
EPSS
1.0%
CVE-2024-28992 HIGH This Week

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Path Traversal Information Disclosure Access Rights Manager
NVD
CVSS 3.1
8.3
EPSS
1.9%
CVE-2024-28074 HIGH This Week

It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Deserialization Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
10.9%
CVE-2024-23475 HIGH This Week

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2024-23474 HIGH This Week

The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2024-23472 HIGH This Week

SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Access Rights Manager
NVD
CVSS 3.1
8.0
EPSS
18.6%
CVE-2024-23471 HIGH This Week

The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2024-23470 HIGH This Week

The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2024-23469 HIGH This Week

SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
17.9%
CVE-2024-23468 HIGH This Week

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Access Rights Manager
NVD
CVSS 3.1
8.3
EPSS
3.4%
CVE-2024-23467 HIGH This Week

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Information Disclosure Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2024-23466 HIGH This Week

SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2024-23465 HIGH This Week

The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2024-28075 HIGH This Week

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Deserialization RCE Trend Micro Access Rights Manager
NVD
CVSS 3.1
8.0
EPSS
78.0%
CVE-2024-23473 CRITICAL Act Now

The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Trend Micro Access Rights Manager
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-23479 CRITICAL Act Now

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Access Rights Manager
NVD
CVSS 3.1
9.6
EPSS
5.8%
CVE-2024-23478 HIGH PATCH This Week

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Access Rights Manager
NVD
CVSS 3.1
8.0
EPSS
81.6%
CVE-2024-23477 CRITICAL PATCH Act Now

The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal Access Rights Manager
NVD
CVSS 3.1
9.6
EPSS
7.8%
CVE-2024-23476 CRITICAL PATCH Act Now

The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal Access Rights Manager
NVD
CVSS 3.1
9.6
EPSS
7.1%
CVE-2023-40058 MEDIUM This Month

Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Access Rights Manager
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-35187 CRITICAL Act Now

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Access Rights Manager
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2023-35186 HIGH This Week

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2023-35185 MEDIUM This Month

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Access Rights Manager
NVD
CVSS 3.1
6.8
EPSS
1.1%
CVE-2023-35184 CRITICAL Act Now

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Access Rights Manager
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-35183 HIGH This Week

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Access Rights Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-35182 CRITICAL Act Now

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Access Rights Manager
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2023-35181 HIGH This Week

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Access Rights Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-35180 HIGH This Week

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Access Rights Manager
NVD
CVSS 3.1
8.8
EPSS
27.4%
CVE-2021-35227 HIGH This Week

The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

XSS Access Rights Manager
NVD
CVSS 3.1
7.8
EPSS
0.5%
EPSS 3% CVSS 8.0
HIGH This Week

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Deserialization RCE Access Rights Manager
NVD
EPSS 0% CVSS 8.8
HIGH This Week

SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential authentication bypass vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Trend Micro Access Rights Manager
NVD
EPSS 1% CVSS 8.3
HIGH This Week

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Access Rights Manager
NVD
EPSS 2% CVSS 8.3
HIGH This Week

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Path Traversal Information Disclosure +1
NVD
EPSS 11% CVSS 8.8
HIGH This Week

It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Deserialization Access Rights Manager
NVD
EPSS 2% CVSS 8.8
HIGH This Week

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Access Rights Manager
NVD
EPSS 2% CVSS 8.8
HIGH This Week

The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Access Rights Manager
NVD
EPSS 19% CVSS 8.0
HIGH This Week

SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Access Rights Manager
NVD
EPSS 1% CVSS 8.8
HIGH This Week

The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Access Rights Manager
NVD
EPSS 1% CVSS 8.8
HIGH This Week

The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Access Rights Manager
NVD
EPSS 18% CVSS 8.8
HIGH This Week

SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Access Rights Manager
NVD
EPSS 3% CVSS 8.3
HIGH This Week

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Access Rights Manager
NVD
EPSS 3% CVSS 8.8
HIGH This Week

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Information Disclosure +1
NVD
EPSS 3% CVSS 8.8
HIGH This Week

SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Access Rights Manager
NVD
EPSS 2% CVSS 8.8
HIGH This Week

The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Access Rights Manager
NVD
EPSS 78% CVSS 8.0
HIGH This Week

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Deserialization RCE Trend Micro +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Trend Micro Access Rights Manager
NVD
EPSS 6% CVSS 9.6
CRITICAL Act Now

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Access Rights Manager
NVD
EPSS 82% CVSS 8.0
HIGH PATCH This Week

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Access Rights Manager
NVD
EPSS 8% CVSS 9.6
CRITICAL PATCH Act Now

The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal Access Rights Manager
NVD
EPSS 7% CVSS 9.6
CRITICAL PATCH Act Now

The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal Access Rights Manager
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Access Rights Manager
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Access Rights Manager
NVD
EPSS 2% CVSS 8.8
HIGH This Week

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Access Rights Manager
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Access Rights Manager
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Access Rights Manager
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Access Rights Manager
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Access Rights Manager
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Access Rights Manager
NVD
EPSS 27% CVSS 8.8
HIGH This Week

The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Access Rights Manager
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

XSS Access Rights Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy