Lucene search
HistoryOct 19, 2023 - 3:15 p.m.
CVE-2023-35182
solarwinds
access rights manager
rce
vulnerability
unauthenticated users
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.034 Low
EPSS
Percentile
91.5%
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server.
Affected configurations
Node
solarwindsaccess_rights_managerRange≤2023.2.0.73
| CPE | Name | Operator | Version |
|---|---|---|---|
| solarwinds:access_rights_manager | solarwinds access rights manager | le | 2023.2.0.73 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Access Rights Manager",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2023.2.0.73",
"status": "affected",
"version": "previous versions",
"versionType": "2023.2"
}
]
}
]References
Social References
More
Related
zdi
zdi
cvelist
cvelist
prion
prion
Remote code execution
2023-10-19 15:15:00
nvd
nvd
CVE-2023-35182
2023-10-19 15:15:09
thn
thn
Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
2023-10-25 04:47:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.034 Low
EPSS
Percentile
91.5%
Related for CVE-2023-35182