← voltar
CVE-2023-35186

SolarWinds Access Rights Manager Deserialization of Untrusted Data Remote Code Execution Vulnerability

CVSS 8 HIGHEPSS 2.2%CWE-502
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 8EPSS 2.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
19 out 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an authenticated user to abuse SolarWinds service resulting in remote code execution.
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
SolarWinds · Access Rights Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htmhttps://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35186