Access_rights_manager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Access_rights_manager
(Solarwinds)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	30

Date	Id	Summary	Products	Score	Patch	Annotated
2023-12-21	CVE-2023-40058	Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.	Access_rights_manager	6.5
2023-10-19	CVE-2023-35185	The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges.	Access_rights_manager	6.8
2023-10-19	CVE-2023-35180	The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows authenticated users to abuse SolarWinds ARM API.	Access_rights_manager	8.8
2023-10-19	CVE-2023-35181	The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows users to abuse incorrect folder permission resulting in Privilege Escalation.	Access_rights_manager	7.8
2023-10-19	CVE-2023-35182	The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server.	Access_rights_manager	9.8
2023-10-19	CVE-2023-35183	The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation.	Access_rights_manager	7.8
2023-10-19	CVE-2023-35184	The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution.	Access_rights_manager	9.8
2023-10-19	CVE-2023-35186	The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution.	Access_rights_manager	8.8
2023-10-19	CVE-2023-35187	The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution.	Access_rights_manager	9.8
2021-10-21	CVE-2021-35227	The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available.	Access_rights_manager	7.8