CVSS 3.1 Score 9.6 of 10 (high)


Published Feb 15, 2024
Updated: Feb 20, 2024


CVE-2024-23476 is a Directory Traversal Remote Code Execution Vulnerability affecting the SolarWinds Access Rights Manager (ARM) software. This vulnerability allows an unauthenticated user to achieve remote code execution. The vulnerability has a base severity of CRITICAL and a base score of 9.6. It poses a high risk to organizations as it can lead to unauthorized access and manipulation of sensitive data. The affected products include uBKeEC, uBKeED, uBKeEA, tz88t7, uBKeEB, uBKeEG, uBKeEE, uBKeEF, ulsvtQ, uBKeD-, and uBKeD_. To remediate this vulnerability, organizations should apply the necessary patches or updates provided by SolarWinds promptly.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-23476 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options