Vulnerabilities > Solarwinds > Access Rights Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-40058 | Unspecified vulnerability in Solarwinds Access Rights Manager Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. low complexity solarwinds | 6.5 |
| 2023-10-19 | CVE-2023-35185 | Path Traversal vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges. | 6.8 |
| 2021-10-21 | CVE-2021-35227 | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available. | 4.6 |