CVE-2024-23468
CVSS 3.1 Score 9.4 of 10 (high)
Details
Published Jul 17, 2024
Updated: Jul 18, 2024
CWE ID 22
Summary
CVE-2024-23468 is a directory traversal and information disclosure vulnerability affecting SolarWinds Access Rights Manager. An unauthenticated user can exploit this weakness to delete arbitrary files and disclose sensitive information, posing a significant risk to system security. This vulnerability permits an attacker to manipulate file paths beyond intended limits, potentially leading to a range of undesirable outcomes. The SolarWinds Access Rights Manager team is urged to apply the necessary patches or updates to mitigate this exposure.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Solarwinds Access Rights Manager
Affected Vendors
- SolarWinds Inc.