Multiple vulnerabilities in SolarWinds Access Rights Manager

1) Path traversal

EUVDB-ID: #VU94597

Risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-28992

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker on the local network can send a specially crafted HTTP request and read or delete arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-905/
http://www.zerodayinitiative.com/advisories/ZDI-24-1020/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Exposed dangerous method or function

EUVDB-ID: #VU94609

Risk: Medium

CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23470

CWE-ID: CWE-749 - Exposed Dangerous Method or Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to exposed dangerous method or function. A remote attacker on the local network can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-911/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Exposed dangerous method or function

EUVDB-ID: #VU94608

Risk: Medium

CVSSv3.1: 7.2 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23465

CWE-ID: CWE-749 - Exposed Dangerous Method or Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to exposed dangerous method or function. A remote attacker on the local network can bypass authentication on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-907/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Exposed dangerous method or function

EUVDB-ID: #VU94607

Risk: Medium

CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23469

CWE-ID: CWE-749 - Exposed Dangerous Method or Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the system.

The vulnerability exists due to exposed dangerous method or function. A remote attacker on the local network can execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-912/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Path traversal

EUVDB-ID: #VU94606

Risk: Medium

CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23471

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker on the local network can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-910/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Path traversal

EUVDB-ID: #VU94605

Risk: Medium

CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23472

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker on the local network can send a specially crafted HTTP request and read or delete arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-915/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Deserialization of Untrusted Data

EUVDB-ID: #VU94604

Risk: Medium

CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-28074

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker on the local network can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-906/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Path traversal

EUVDB-ID: #VU94603

Risk: Medium

CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23466

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker on the local network can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-908/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Path traversal

EUVDB-ID: #VU94602

Risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23468

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker on the local network can send a specially crafted HTTP request and read or delete arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-913/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Path traversal

EUVDB-ID: #VU94601

Risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23474

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker on the local network can send a specially crafted HTTP request and read or delete arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-914/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Path traversal

EUVDB-ID: #VU94600

Risk: Medium

CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23475

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker on the local network can send a specially crafted HTTP request and read or delete arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-916/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Path traversal

EUVDB-ID: #VU94599

Risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-28993

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker on the local network can send a specially crafted HTTP request and read or delete arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Path traversal

EUVDB-ID: #VU94598

Risk: Medium

CVSSv3.1: 8.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-23467

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker on the local network can send a specially crafted HTTP request and read arbitrary files on the system, leading to arbitrary code execution.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Access Rights Manager: 2023.2.4

CPE2.3

External links

http://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
http://www.zerodayinitiative.com/advisories/ZDI-24-909/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Risk	Medium
Patch available	YES
Number of vulnerabilities	13
CVE-ID	CVE-2024-28992 CVE-2024-23470 CVE-2024-23465 CVE-2024-23469 CVE-2024-23471 CVE-2024-23472 CVE-2024-28074 CVE-2024-23466 CVE-2024-23468 CVE-2024-23474 CVE-2024-23475 CVE-2024-28993 CVE-2024-23467
CWE-ID	CWE-22 CWE-749 CWE-502
Exploitation vector	Local network
Public exploit	N/A
Vulnerable software Subscribe	Access Rights Manager Server applications / Other server solutions
Vendor	SolarWinds