SolarWinds Access Rights Manager OpenFile Directory Traversal Remote Code Execution Vulnerability
(CVE-2023-35185)
Summary
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges.
Affected Products
- SolarWinds ARM 2023.2.0.73 and prior versions
Fixed Software Release
Acknowledgments
- Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) working with Trend Micro Zero Day Initiative
Advisory Details
Severity
8.8 High
Advisory ID
First Published
10/18/2023
Last Updated
10/18/2023