cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-28991,https://securityvulnerability.io/vulnerability/CVE-2024-28991,Remote Code Execution Vulnerability Affects SolarWinds ARM,"The SolarWinds Access Rights Manager (ARM) has a vulnerability that enables remote code execution when an authenticated user manipulates the service. This flaw allows potential abuse that could lead to the execution of arbitrary code on the server. Organizations using this version of ARM should take immediate action to mitigate risks associated with this vulnerability, which can have serious implications for data integrity and system security.",Solarwinds,Access Rights Manager,8.8,HIGH,0.0013800000306218863,false,,true,false,true,2024-09-16T00:00:00.000Z,,true,false,,2024-09-12T13:17:30.721Z,4416
CVE-2024-28990,https://securityvulnerability.io/vulnerability/CVE-2024-28990,SolarWinds ARM Has a Hard-Coded Credential Bypass Vulnerability,"The SolarWinds Access Rights Manager (ARM) is affected by a serious authentication bypass due to the presence of hard-coded credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the RabbitMQ management console, potentially compromising sensitive data and system configurations. This flaw emphasizes the importance of strong authentication measures and regular security assessments in application management. SolarWinds acknowledges the issue and collaborates with security experts to mitigate such vulnerabilities promptly.",Solarwinds,Access Rights Manager,9.8,CRITICAL,0.0019600000232458115,false,,false,false,false,,,false,false,,2024-09-12T13:16:35.586Z,0
CVE-2024-23471,https://securityvulnerability.io/vulnerability/CVE-2024-23471,Authentication Bypass Vulnerability Affects SolarWinds Access Rights Manager,"The SolarWinds Access Rights Manager has a vulnerability that enables authenticated users to exploit a specific service, leading to the potential for Remote Code Execution. This results in severe security implications, as malicious actors could execute arbitrary code on the affected system, potentially compromising sensitive information and operational integrity. Organizations utilizing Access Rights Manager are advised to review their security practices and implement necessary mitigations to protect against possible exploits.",Solarwinds,Access Rights Manager,9.8,CRITICAL,0.002850000048056245,false,,false,false,false,,,false,false,,2024-07-17T14:31:28.669Z,0
CVE-2024-23470,https://securityvulnerability.io/vulnerability/CVE-2024-23470,Unauthorized Remote Code Execution Vulnerability Affects Access Rights Manager,"The SolarWinds Access Rights Manager contains a vulnerability that enables pre-authentication remote code execution. This flaw permits an unauthenticated attacker to execute arbitrary commands and scripts on the affected system. Exploitation of this vulnerability poses significant risks, as it can lead to unauthorized access and potential compromise of sensitive data within the organization. It is crucial for users of Access Rights Manager to apply necessary security patches and monitor their environments for signs of exploitation.",Solarwinds,Access Rights Manager,9.8,CRITICAL,0.002850000048056245,false,,false,false,false,,,false,false,,2024-07-17T14:30:37.081Z,0
CVE-2024-28074,https://securityvulnerability.io/vulnerability/CVE-2024-28074,SolarWinds Access Rights Manager Vulnerability Remains Unfixed Despite Prior Attempts to Address,"A vulnerability has been identified in SolarWinds Access Rights Manager where a prior issue was not entirely resolved. Despite the implementation of certain security measures, a researcher discovered a method to circumvent those controls, thereby allowing exploitation of the vulnerability through an alternative approach. This situation highlights the importance of ongoing security assessments and the need for robust measures to mitigate the risk of unauthorized access.",Solarwinds,Access Rights Manager,9.8,CRITICAL,0.0020000000949949026,false,,false,false,false,,,false,false,,2024-07-17T14:29:39.778Z,0
CVE-2024-23467,https://securityvulnerability.io/vulnerability/CVE-2024-23467,SolarWinds Access Rights Manager vulnerable to Directory Traversal and Information Disclosure Attack,"The vulnerability found in SolarWinds Access Rights Manager pertains to directory traversal and information disclosure. It permits unauthenticated individuals to manipulate file system paths, thereby accessing sensitive files outside the intended directory structure. This issue poses significant risks, including the potential for remote code execution, which can be exploited to compromise systems and data integrity. Users of affected versions should consider implementing immediate remediation measures to protect their environments.",Solarwinds,Access Rights Manager,9.8,CRITICAL,0.0033400000538676977,false,,false,false,false,,,false,false,,2024-07-17T14:28:57.869Z,0
CVE-2024-23466,https://securityvulnerability.io/vulnerability/CVE-2024-23466,Unauthenticated Directory Traversal Vulnerability Affects SolarWinds ARM,"SolarWinds Access Rights Manager (ARM) has a significant vulnerability that allows for potential exploitation via Directory Traversal, enabling unauthenticated users to execute commands with SYSTEM privileges. This vulnerability can lead to severe security implications, including unauthorized access and control over sensitive data and system functionality. Organizations using affected versions of SolarWinds ARM should take immediate action to mitigate risks associated with exploitation.",Solarwinds,Access Rights Manager,9.8,CRITICAL,0.0033400000538676977,false,,false,false,false,,,false,false,,2024-07-17T14:28:17.041Z,0
CVE-2024-23465,https://securityvulnerability.io/vulnerability/CVE-2024-23465,Unauthenticated Domain Admin Access Vulnerability Discovered in SolarWinds Access Rights Manager,"The Access Rights Manager by SolarWinds has a vulnerability that permits unauthenticated users to exploit an authentication bypass flaw, granting them domain admin access within an Active Directory environment. This scenario poses significant security risks, as it allows attackers to escalate privileges and potentially compromise sensitive data and resources within an organization's network.",Solarwinds,Access Rights Manager,9.8,CRITICAL,0.002460000105202198,false,,false,false,false,,,false,false,,2024-07-17T14:27:31.092Z,0
CVE-2024-23469,https://securityvulnerability.io/vulnerability/CVE-2024-23469,SolarWinds ARM Vulnerable to Remote Code Execution,"The vulnerability in SolarWinds Access Rights Manager (ARM) enables an unauthenticated user to exploit a Remote Code Execution flaw. By taking advantage of this weakness, attackers can execute arbitrary commands with SYSTEM-level privileges, potentially allowing them to gain unauthorized access to sensitive data and systems. This poses a significant risk as it could lead to widespread infiltration of affected networks, highlighting the need for immediate patching and security measures.",Solarwinds,Access Rights Manager,9.8,CRITICAL,0.0016499999910593033,false,,false,false,false,,,false,false,,2024-07-17T14:26:47.787Z,0
CVE-2024-23475,https://securityvulnerability.io/vulnerability/CVE-2024-23475,Unauthenticated Arbitrary File Deletion and Information Disclosure Vulnerability Affects SolarWinds Access Rights Manager,"The SolarWinds Access Rights Manager is subject to a vulnerability that enables an unauthenticated user to exploit Directory Traversal, potentially leading to arbitrary file deletions and the exposure of sensitive information. This flaw poses a significant risk in environments where Access Rights Manager is deployed, as attackers could leverage it to manipulate access controls and gain unauthorized insights into sensitive data.",Solarwinds,Access Rights Manager,9.8,CRITICAL,0.0027199999894946814,false,,false,false,false,,,false,false,,2024-07-17T14:26:02.809Z,0
CVE-2024-23472,https://securityvulnerability.io/vulnerability/CVE-2024-23472,ARM Vulnerable to Directory Traversal,"SolarWinds Access Rights Manager (ARM) is vulnerable to a Directory Traversal issue that permits an authenticated user to read and delete arbitrary files within the system. This vulnerability poses significant risks as it can be exploited to gain unauthorized access to sensitive data, leading to potential data loss or compromise.",Solarwinds,Access Rights Manager,8.8,HIGH,0.0016299999551847577,false,,false,false,false,,,false,false,,2024-07-17T14:25:20.607Z,0
CVE-2024-28993,https://securityvulnerability.io/vulnerability/CVE-2024-28993,SolarWinds Access Rights Manager Vulnerability Allows Unauthorized File Deletion and Information Disclosure,"The SolarWinds Access Rights Manager is vulnerable to a directory traversal and information disclosure issue. This flaw enables an unauthenticated user to exploit the system by deleting arbitrary files and potentially accessing sensitive data. The exposure can lead to severe security breaches and unauthorized access to critical information, making it essential for organizations using this product to apply the necessary mitigations outlined in the release notes.",Solarwinds,Access Rights Manager,9.4,CRITICAL,0.0008999999845400453,false,,false,false,false,,,false,false,,2024-07-17T14:24:42.745Z,0
CVE-2024-28992,https://securityvulnerability.io/vulnerability/CVE-2024-28992,UnAuthenticated File Deletion and Information Disclosure Vulnerability in SolarWinds Access Rights Manager,"The SolarWinds Access Rights Manager is affected by a vulnerability that exposes it to directory traversal and information disclosure issues. This vulnerability enables unauthenticated attackers to manipulate the file structure, leading to arbitrary file deletions. Additionally, sensitive information may be leaked, thereby compromising the confidentiality and integrity of the system. Organizations using the affected versions of this product should evaluate their security measures promptly.",Solarwinds,Access Rights Manager,9.4,CRITICAL,0.002360000042244792,false,,false,false,false,,,false,false,,2024-07-17T14:23:50.488Z,0
CVE-2024-23468,https://securityvulnerability.io/vulnerability/CVE-2024-23468,SolarWinds Access Rights Manager Vulnerable to Directory Traversal and Information Disclosure,"The Security flaw in SolarWinds Access Rights Manager manifests as a Directory Traversal and Information Disclosure vulnerability. The issue allows unauthorized users to traverse directory structures, leading to the potential for arbitrary file deletion and exposure of confidential information. This can significantly compromise data integrity and confidentiality, making it critical for users and organizations to review their security posture and implement necessary mitigations.",Solarwinds,Access Rights Manager,9.4,CRITICAL,0.002309999894350767,false,,false,false,false,,,false,false,,2024-07-17T14:23:05.079Z,0
CVE-2024-23474,https://securityvulnerability.io/vulnerability/CVE-2024-23474,SolarWinds Access Rights Manager Vulnerable to File Deletion and Information Disclosure,The SolarWinds Access Rights Manager is vulnerable to issues that allow unauthorized arbitrary file deletion as well as potential information disclosure. This vulnerability arises from improper handling of file operations and needs to be addressed promptly to secure sensitive data and maintain system integrity.,Solarwinds,Access Rights Manager,9.8,CRITICAL,0.0027199999894946814,false,,false,false,false,,,false,false,,2024-07-17T14:22:19.833Z,0
CVE-2024-28075,https://securityvulnerability.io/vulnerability/CVE-2024-28075,SolarWinds Access Rights Manager Vulnerable to Remote Code Execution,"The Access Rights Manager from SolarWinds is identified as having a vulnerability that permits remote code execution when exploited by an authenticated user. This flaw takes advantage of weaknesses in the service management, allowing unauthorized execution of code on the affected system. Organizations utilizing the Access Rights Manager should apply relevant updates and closely monitor for any unauthorized activities to safeguard their systems against potential exploitation.",Solarwinds,Access Rights Manager,8.8,HIGH,0.001180000021122396,false,,false,false,false,,,false,false,,2024-05-14T15:13:00.000Z,0
CVE-2024-23473,https://securityvulnerability.io/vulnerability/CVE-2024-23473,SolarWinds Access Rights Manager Vulnerability Allows Bypass of Credential Authentication,"The SolarWinds Access Rights Manager contains a hard-coded credential vulnerability that allows attackers to bypass authentication. This flaw may enable unauthorized access to the RabbitMQ management console, posing security risks for organizations relying on this product for access control and management. Organizations using affected versions should assess their exposure and implement necessary security measures to mitigate potential risks.",Solarwinds,Access Rights Manager,9.8,CRITICAL,0.0023499999660998583,false,,false,false,false,,,false,false,,2024-05-14T14:59:00.000Z,0
CVE-2023-40057,https://securityvulnerability.io/vulnerability/CVE-2023-40057,SolarWinds Access Rights Manager Vulnerable to Remote Code Execution,"The SolarWinds Access Rights Manager contains a vulnerability that can be exploited by authenticated users to perform remote code execution. This exploitation occurs through a specific service within the application, allowing attackers to execute arbitrary code on the server. Such a breach can lead to unauthorized access and control of sensitive systems, making it essential for organizations utilizing this software to apply the latest security patches and carefully manage user privileges.",Solarwinds,Access Rights Manager,9,CRITICAL,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-02-15T20:36:12.759Z,0
CVE-2024-23477,https://securityvulnerability.io/vulnerability/CVE-2024-23477,SolarWinds ARM Vulnerable to Directory Traversal Remote Code Execution,"The SolarWinds Access Rights Manager (ARM) is susceptible to a directory traversal vulnerability that facilitates remote code execution without authentication. By exploiting this vulnerability, an attacker can manipulate file paths to access restricted directories and execute arbitrary code on the server. This poses significant risks to the integrity and confidentiality of the system, allowing unauthorized users to gain control and potentially disrupt operations.",Solarwinds,Access Rights Manager,7.9,HIGH,0.0013099999632686377,false,,false,false,false,,,false,false,,2024-02-15T20:35:56.952Z,0
CVE-2024-23476,https://securityvulnerability.io/vulnerability/CVE-2024-23476,SolarWinds ARM Vulnerable to Directory Traversal Remote Code Execution,"The Access Rights Manager by SolarWinds has a vulnerability that can be exploited through directory traversal techniques, leading to remote code execution by unauthenticated users. This flaw can compromise system integrity and allow attackers to execute arbitrary code, posing a significant risk to sensitive data and infrastructure. Organizations using this software should take immediate steps to secure their systems and apply necessary updates to mitigate this threat.",Solarwinds,Access Rights Manager,9.6,CRITICAL,0.0009399999980814755,false,,false,false,false,,,false,false,,2024-02-15T20:35:52.612Z,0
CVE-2024-23478,https://securityvulnerability.io/vulnerability/CVE-2024-23478,SolarWinds ARM Vulnerable to Remote Code Execution,"A remote code execution vulnerability exists in SolarWinds Access Rights Manager (ARM), allowing an authenticated user to exploit this flaw and execute arbitrary code on the system. The vulnerability arises from improper handling of requests within the SolarWinds service. Exploitation of this vulnerability can lead to unauthorized access, data breaches, and potential compromise of the system. Users are urged to apply available security updates and best practices to mitigate risks.",Solarwinds,Access Rights Manager,8,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-02-15T20:35:46.029Z,0
CVE-2024-23479,https://securityvulnerability.io/vulnerability/CVE-2024-23479,SolarWinds ARM Vulnerable to Directory Traversal Remote Code Execution,"The vulnerability in SolarWinds Access Rights Manager (ARM) relates to a Directory Traversal flaw that enables an unauthenticated attacker to execute remote code. By manipulating file paths or input parameters, an attacker may gain unauthorized access to sensitive files and execute arbitrary commands on the server, posing a significant security risk. Organizations using affected versions of SolarWinds ARM should apply patches and review their security measures to mitigate potential exploitation.",Solarwinds,Access Rights Manager,9.6,CRITICAL,0.0009399999980814755,false,,false,false,false,,,false,false,,2024-02-15T20:34:39.088Z,0
CVE-2023-40058,https://securityvulnerability.io/vulnerability/CVE-2023-40058,"Sensitive Information Disclosure Vulnerability ","Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.   


",Solarwinds,Access Rights Manager,6.5,MEDIUM,0.0013000000035390258,false,,false,false,false,,,false,false,,2023-12-21T17:15:00.000Z,0
CVE-2023-35183,https://securityvulnerability.io/vulnerability/CVE-2023-35183,SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability,"The SolarWinds Access Rights Manager has a privilege escalation vulnerability that allows authenticated users to misuse local resources. This exploitation could lead to unauthorized access, enabling users to gain elevated permissions within the system.",Solarwinds,Access Rights Manager,7.8,HIGH,0.0013200000394135714,false,,false,false,false,,,false,false,,2023-10-19T15:15:00.000Z,0
CVE-2023-35184,https://securityvulnerability.io/vulnerability/CVE-2023-35184,SolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability,"The SolarWinds Access Rights Manager is vulnerable to an exploit that enables unauthorized users to execute arbitrary code remotely. This flaw can be abused through a vulnerable SolarWinds service, allowing malicious actors to gain unauthorized control over affected systems. It is essential for users to apply the necessary patches and take proactive security measures to safeguard their environments against potential exploitation.",Solarwinds,Access Rights Manager,8.8,HIGH,0.04537000134587288,false,,false,false,false,,,false,false,,2023-10-19T15:15:00.000Z,0