SolarWinds Access Rights Manager Flaw


IT and security administrators can utilize SolarWinds Access Rights Manager (ARM) to efficiently manage and audit user access rights to data, systems, and files. 

The software provides an easy-to-use interface for provisioning, de-provisioning, and overseeing access, which helps safeguard organizations from potential data loss and breaches.

Access Rights Manager 2023.2 was impacted with multiple flaws that let a remote attacker escalate privileges and execute remote code.

Document

FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware


Vulnerabilities Affected 

CVE-2023-35180: Remote Code Execution Vulnerability

A Remote Code Execution Vulnerability had been detected in SolarWinds Access Rights Manager, which authenticated users can exploit to misuse the SolarWinds ARM API.

CVE-2023-35181: Privilege Escalation Vulnerability

There was a Privilege Escalation Vulnerability in the SolarWinds Access Rights Manager. This vulnerability occurred due to incorrect folder permissions, enabling users to exploit and escalate their privileges.

CVE-2023-35182: Remote Code Execution Vulnerability

A vulnerability was found in SolarWinds Access Rights Manager that could allow remote code execution. Attackers not authenticated on the SolarWinds ARM Server can exploit this vulnerability to gain unauthorized access to sensitive information or carry out malicious actions.

CVE-2023-35183: Privilege Escalation Vulnerability

A Privilege Escalation Vulnerability was detected in the SolarWinds Access Rights Manager, which authenticated users could exploit to gain unauthorized privileges and access to local resources. This vulnerability enables users to misuse local resources for privilege escalation.

CVE-2023-35184: Remote Code Execution Vulnerability

The SolarWinds Access Rights Manager was vulnerable to a Remote Code Execution exploit, allowing an attacker to execute code remotely by abusing a SolarWinds service without authentication.

CVE-2023-35185: Remote Code Execution Vulnerability

The SolarWinds Access Rights Manager was found to have a vulnerability that allowed remote attackers to execute arbitrary code by exploiting a directory traversal flaw. This flaw allowed attackers to gain SYSTEM privileges and potentially compromise the affected system.

CVE-2023-35186: Remote Code Execution Vulnerability

The SolarWinds Access Rights Manager had a flaw, allowing someone to control it from afar. This means that someone who was allowed to use SolarWinds could misuse it and make it do things it shouldn’t.

CVE-2023-35187: Remote Code Execution Vulnerability

A Directory Traversal Remote Code Vulnerability could be exploited on SolarWinds Access Rights Manager with the use of SYSTEM privileges.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.



Source link