PT-2024-5113 · Solarwinds · Solarwinds Access Rights Manager
Chudypb
+1
·
Published
2024-01-17
·
Updated
2024-09-10
·
CVE-2024-23465
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
SolarWinds Access Rights Manager (affected versions not specified)
Description:
The SolarWinds Access Rights Manager was found to have an authentication bypass issue, allowing an unauthenticated user to gain domain admin access within the Active Directory environment. This is due to weaknesses in the authentication procedure, potentially resulting from the use of dangerous methods or functions. An attacker could exploit this to bypass security restrictions and elevate their privileges.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Solarwinds Access Rights Manager