Vulnerability Description
SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM.
CVSS Score
9.6
CRITICAL
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Solarwinds | Access Rights Manager | <= 2023.2.4 |
Related Weaknesses (CWE)
References
- https://documentation.solarwinds.com/en/success_center/arm/content/release_notesRelease NotesVendor Advisory
- https://documentation.solarwinds.com/en/success_center/arm/content/release_notesRelease NotesVendor Advisory
FAQ
What is CVE-2024-23472?
CVE-2024-23472 is a vulnerability with a CVSS score of 9.6 (CRITICAL). SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM.
How severe is CVE-2024-23472?
CVE-2024-23472 has been rated CRITICAL with a CVSS base score of 9.6/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-23472?
Check the references section above for vendor advisories and patch information. Affected products include: Solarwinds Access Rights Manager.