Product:

Access_rights_manager

(Solarwinds)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 30
Date Id Summary Products Score Patch Annotated
2021-10-21 CVE-2021-35227 The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available. Access_rights_manager 7.8
2023-10-19 CVE-2023-35180 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API. Access_rights_manager 8.8
2023-10-19 CVE-2023-35181 The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation. Access_rights_manager 7.8
2023-10-19 CVE-2023-35182 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server. Access_rights_manager 9.8
2023-10-19 CVE-2023-35183 The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation. Access_rights_manager N/A
2023-10-19 CVE-2023-35184 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution. Access_rights_manager 9.8
2023-10-19 CVE-2023-35185 The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. Access_rights_manager N/A
2023-10-19 CVE-2023-35186 The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution. Access_rights_manager 8.8
2023-10-19 CVE-2023-35187 The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution. Access_rights_manager 9.8
2023-12-21 CVE-2023-40058 Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. Access_rights_manager N/A