Vulnerabilities > Solarwinds > Access Rights Manager > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-09-12 CVE-2024-28990 Use of Hard-coded Credentials vulnerability in Solarwinds Access Rights Manager
SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential authentication bypass vulnerability.
network
low complexity
solarwinds CWE-798
critical
 9.8
9.8
2024-07-17 CVE-2024-28993 Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability.
network
low complexity
solarwinds CWE-22
critical
 9.4
9.4
2024-07-17 CVE-2024-28992 Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability.
network
low complexity
solarwinds CWE-22
critical
 9.4
9.4
2024-07-17 CVE-2024-28074 Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager
It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager.
network
low complexity
solarwinds CWE-502
critical
 9.8
9.8
2024-07-17 CVE-2024-23475 Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability.
network
low complexity
solarwinds CWE-22
critical
 9.8
9.8
2024-07-17 CVE-2024-23474 Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability.
network
low complexity
solarwinds CWE-22
critical
 9.8
9.8
2024-07-17 CVE-2024-23471 Improper Authentication vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability.
network
low complexity
solarwinds CWE-287
critical
 9.8
9.8
2024-07-17 CVE-2024-23470 Improper Authentication vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability.
network
low complexity
solarwinds CWE-287
critical
 9.8
9.8
2024-07-17 CVE-2024-23469 Improper Input Validation vulnerability in Solarwinds Access Rights Manager
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability.
network
low complexity
solarwinds CWE-20
critical
 9.8
9.8
2024-07-17 CVE-2024-23468 Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability.
network
low complexity
solarwinds CWE-22
critical
 9.4
9.4