{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-071.pdf"
    },
    "title": "Critical Vulnerabilities in SolarWinds Access Rights Manager",
    "serial_number": "2024-071",
    "publish_date": "19-07-2024 17:30:40",
    "description": "On July 18, 2024, SolarWinds issued an advisory addressing multiple critical vulnerabilities in its Access Rights Manager (ARM) software. These vulnerabilities could lead to remote code execution, arbitrary file deletion and sensitive information leakage.<br>\nIt is recommended to update affected systems immediately.<br>\n",
    "url_title": "2024-071",
    "content_markdown": "---\ntitle: 'Critical Vulnerabilities in\u00a0SolarWinds\u00a0Access\u00a0Rights\u00a0Manager'\nnumber: '2024-071'\nversion: '1.0'\noriginal_date: 'July 18, 2024'\ndate: 'July 19, 2024'\n---\n\n_History:_\n\n* _19/07/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn July 18, 2024, SolarWinds issued an advisory addressing multiple critical vulnerabilities in its Access Rights Manager (ARM) software [1,2]. These vulnerabilities could lead to remote code execution, arbitrary file deletion and sensitive information leakage.\n\nIt is recommended to update affected systems immediately.\n\n# Technical Details\n\nThe vulnerabilities **CVE-2024-23469**, **CVE-2024-23466**, **CVE-2024-23467**, **CVE-2024-28074**, **CVE-2024-23471**, and **CVE-2024-23470**, all with a CVSS score of 9.6, could lead to remote code execution if exploited. They are due to various critical flaws.\n\nThe vulnerabilities **CVE-2024-23475** and **CVE-2024-23472**, both with a CVSS score of 9.6, are directory traversal and sensitive information disclosure flaws.\n\nThe vulnerability **CVE-2024-23465**, with a CVSS score of 8.3, is an authentication bypass vulnerability.\n\n# Affected Products\n\n- SolarWinds Access Rights Manager versions prior to 2024.3.\n\n# Recommendations\n\nCERT-EU recommends updating affected devices to the latest version of SolarWinds Access Rights Manager as soon as possible.\n\n# References\n\n[1] <https://www.bleepingcomputer.com/news/security/solarwinds-fixes-8-critical-bugs-in-access-rights-audit-software/>\n\n[2] <https://www.solarwinds.com/trust-center/security-advisories>",
    "content_html": "<p><em>History:</em></p><ul><li><em>19/07/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On July 18, 2024, SolarWinds issued an advisory addressing multiple critical vulnerabilities in its Access Rights Manager (ARM) software [1,2]. These vulnerabilities could lead to remote code execution, arbitrary file deletion and sensitive information leakage.</p><p>It is recommended to update affected systems immediately.</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerabilities <strong>CVE-2024-23469</strong>, <strong>CVE-2024-23466</strong>, <strong>CVE-2024-23467</strong>, <strong>CVE-2024-28074</strong>, <strong>CVE-2024-23471</strong>, and <strong>CVE-2024-23470</strong>, all with a CVSS score of 9.6, could lead to remote code execution if exploited. They are due to various critical flaws.</p><p>The vulnerabilities <strong>CVE-2024-23475</strong> and <strong>CVE-2024-23472</strong>, both with a CVSS score of 9.6, are directory traversal and sensitive information disclosure flaws.</p><p>The vulnerability <strong>CVE-2024-23465</strong>, with a CVSS score of 8.3, is an authentication bypass vulnerability.</p><h2 id=\"affected-products\">Affected Products</h2><ul><li>SolarWinds Access Rights Manager versions prior to 2024.3.</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU recommends updating affected devices to the latest version of SolarWinds Access Rights Manager as soon as possible.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.bleepingcomputer.com/news/security/solarwinds-fixes-8-critical-bugs-in-access-rights-audit-software/\">https://www.bleepingcomputer.com/news/security/solarwinds-fixes-8-critical-bugs-in-access-rights-audit-software/</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.solarwinds.com/trust-center/security-advisories\">https://www.solarwinds.com/trust-center/security-advisories</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}