Summary

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.

Affected Products

SolarWinds ARM 2024.3 and prior versions

Fixed Software Release

SolarWinds Access Rights Manager (ARM) 2024.3.1

Acknowledgments

Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative