Vulnerabilities > Solarwinds > Access Rights Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-40058 | Unspecified vulnerability in Solarwinds Access Rights Manager Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. low complexity solarwinds | 6.5 |
| 2023-10-19 | CVE-2023-35180 | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. | 8.8 |
| 2023-10-19 | CVE-2023-35181 | Incorrect Default Permissions vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. | 7.8 |
| 2023-10-19 | CVE-2023-35182 | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. | 9.8 |
| 2023-10-19 | CVE-2023-35183 | Incorrect Default Permissions vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. | 7.8 |
| 2023-10-19 | CVE-2023-35184 | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. | 9.8 |
| 2023-10-19 | CVE-2023-35185 | Path Traversal vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. | 6.8 |
| 2023-10-19 | CVE-2023-35186 | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. | 8.8 |
| 2023-10-19 | CVE-2023-35187 | Path Traversal vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. | 9.8 |
| 2021-10-21 | CVE-2021-35227 | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available. | 4.6 |