CVE-2024-23478

CVSS 3.1 Score 8.0 of 10 (high)

Details

Published Feb 15, 2024

Updated: Feb 20, 2024

CWE ID 502

Summary

CVE-2024-23478 is a Remote Code Execution vulnerability affecting SolarWinds Access Rights Manager (ARM). An authenticated user can misuse a SolarWinds service, leading to code execution at the target's system, posing a significant risk to the security of the affected organization. This issue grants attackers the ability to execute arbitrary commands and potentially gain unauthorized access, making it a critical threat to be addressed promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Solarwinds Access Rights Manager

Affected Vendors

SolarWinds Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uiFlZ3
https://www.cve.org/CVERecord?id=CVE-2024-23478
https://nvd.nist.gov/vuln/detail/CVE-2024-23478

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners