A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / security-advisories / Remote Code Execution Vulnerabilities in SolarWinds Access Rights Manager (ARM) (CVE-2024-23469, CVE-2024-23467, CVE-2024-23471)

Remote Code Execution Vulnerabilities in SolarWinds Access Rights Manager (ARM) (CVE-2024-23469, CVE-2024-23467, CVE-2024-23471)

Advisory No: TZCERT/SA/2024/07/19-3

Date of First Release: 19th July 2024

Source: SolarWinds

Software Affected: SolarWinds Access Rights Manager (ARM)

Overview:

Critical vulnerabilities affect SolarWinds ARM. An attacker can leverage the vulnerabilities to execute remote arbitrary code on the affected device.

Description:

SolarWinds Access Rights Manager (ARM) is vulnerable to three (3) critical vulnerabilities all with 9.6 CSVV scores and tracked as CVE-2024-23469, CVE-2024-23467, CVE-2024-23471. Successful exploitation of these vulnerabilities allows an unauthenticated user to perform remote code execution with SYSTEM privileges.

Impact:

Successful exploitation of these vulnerabilities may allow the attacker to take control of the affected system.

Solution:

SolarWinds has released security patches for these vulnerabilities. Users and administrators are encouraged to apply necessary updates.

References:

  1. https://www.solarwinds.com/trust-center/security-advisories/cve-2024-23469
  2. https://www.solarwinds.com/trust-center/security-advisories/cve-2024-23467
  3. https://www.solarwinds.com/trust-center/security-advisories/cve-2024-23471

Best free WordPress theme

Check Also

Critical Vulnerabilities leading to RCE in WordPress (CVE-2024-5932, CVE-2024-7777)

Advisory No: TZCERT/SA/2024/08/20 Date of First Release: 20th August 2024 Source: Wordfence Software Affected: give, …

DISCLAIMER |FAQ |CONTACT US
Tanzania Computer Emergency Response Team © Copyright 2024, All Rights Reserved.