Vulnerabilities > Solarwinds > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-09-12 CVE-2024-28990 Use of Hard-coded Credentials vulnerability in Solarwinds Access Rights Manager
SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential authentication bypass vulnerability.
network
low complexity
solarwinds CWE-798
critical
 9.8
9.8
2024-08-21 CVE-2024-28987 Use of Hard-coded Credentials vulnerability in Solarwinds web Help Desk
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.
network
low complexity
solarwinds CWE-798
critical
 9.1
9.1
2024-08-13 CVE-2024-28986 Deserialization of Untrusted Data vulnerability in Solarwinds web Help Desk
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine.
network
low complexity
solarwinds CWE-502
critical
 9.8
9.8
2024-07-17 CVE-2024-23465 Improper Authentication vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability.
network
low complexity
solarwinds CWE-287
critical
 9.8
9.8
2024-07-17 CVE-2024-23466 Path Traversal vulnerability in Solarwinds Access Rights Manager
SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability.
network
low complexity
solarwinds CWE-22
critical
 9.8
9.8
2024-07-17 CVE-2024-23467 Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability.
network
low complexity
solarwinds CWE-22
critical
 9.8
9.8
2024-07-17 CVE-2024-23468 Path Traversal vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability.
network
low complexity
solarwinds CWE-22
critical
 9.4
9.4
2024-07-17 CVE-2024-23469 Improper Input Validation vulnerability in Solarwinds Access Rights Manager
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability.
network
low complexity
solarwinds CWE-20
critical
 9.8
9.8
2024-07-17 CVE-2024-23470 Improper Authentication vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability.
network
low complexity
solarwinds CWE-287
critical
 9.8
9.8
2024-07-17 CVE-2024-23471 Improper Authentication vulnerability in Solarwinds Access Rights Manager
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability.
network
low complexity
solarwinds CWE-287
critical
 9.8
9.8