SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability
(CVE-2023-35181)
Summary
The SolarWinds Access Rights Manager was susceptible to Privilege
Escalation Vulnerability. This vulnerability allows users to abuse
incorrect folder permission resulting in Privilege Escalation.
Affected Products
- SolarWinds ARM 2023.2.0.73 and prior versions
Fixed Software Release
Acknowledgments
- Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative
Advisory Details
Severity
7.8 High
Advisory ID
First Published
10/18/2023
Last Published
10/18/2023