Lucene search
HistoryOct 19, 2023 - 3:15 p.m.
CVE-2023-35185
solarwinds
access rights manager
directory traversal
remote code vulnerability
nvd
cve-2023-35185
6.8 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.0%
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges.
Affected configurations
Node
solarwindsaccess_rights_managerRange≤2023.2.0.73
| CPE | Name | Operator | Version |
|---|---|---|---|
| solarwinds:access_rights_manager | solarwinds access rights manager | le | 2023.2.0.73 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Access Rights Manager",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2023.2.0.73",
"status": "affected",
"version": "previous versions",
"versionType": "2023.2"
}
]
}
]References
Social References
More
Related
prion
prion
Directory traversal
2023-10-19 15:15:00
nvd
nvd
CVE-2023-35185
2023-10-19 15:15:09
cvelist
cvelist
zdi
zdi
thn
thn
Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
2023-10-25 04:47:00
6.8 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.0%
Related for CVE-2023-35185