Known Vulnerabilities
CVE-2024-28991
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.
CRITICAL
CVSS 9.0
Published Sep 12, 2024
CVE-2024-23467
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote code execution.
CRITICAL
CVSS 9.6
Published Jul 17, 2024
CVE-2024-23472
SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM.
CRITICAL
CVSS 9.6
Published Jul 17, 2024