PT-2023-6350 · Solarwinds · Solarwinds Access Rights Manager

Chudypb

+1

·

Publicado

2023-10-19

·

Atualizado

2023-10-25

·

CVE-2023-35183

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions SolarWinds Access Rights Manager (affected versions not specified)
Description The issue is related to incorrectly used default permissions in the SolarWinds Access Rights Manager, allowing authenticated users to abuse local resources for privilege escalation.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-276

Identificadores relacionados

BDU:2023-07062
CVE-2023-35183
ZDI-23-1562

Produtos afetados

Solarwinds Access Rights Manager