PT-2023-6349 · Solarwinds · Solarwinds Access Rights Manager
Sinsinology
·
Published
2023-10-19
·
Updated
2023-12-28
·
CVE-2023-35185
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
SolarWinds Access Rights Manager (affected versions not specified)
Description
The issue is related to a Directory Traversal Remote Code Vulnerability in the SolarWinds Access Rights Manager. This vulnerability can be exploited by a remote attacker to execute arbitrary code using SYSTEM privileges. The vulnerability is associated with incorrect restriction of the directory path name with limited access.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Solarwinds Access Rights Manager