Lucene search
SolarWindsCVELIST:CVE-2023-35185HistoryOct 19, 2023 - 2:24 p.m.
CVE-2023-35185 SolarWinds Access Rights Manager OpenFile Directory Traversal Remote Code Execution Vulnerability
2023-10-1914:24:15
CWE-22
SolarWinds
www.cve.org
7
solarwinds
access rights manager
directory traversal
remote code execution
vulnerability
system privileges
CVSS3
6.8
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
29.7%
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability using SYSTEM privileges.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Access Rights Manager",
"vendor": "SolarWinds",
"versions": [
{
"lessThanOrEqual": "2023.2.0.73",
"status": "affected",
"version": "previous versions",
"versionType": "2023.2"
}
]
}
]Related
cve
cve
CVE-2023-35185
2023-10-19 15:15:09
prion
prion
Directory traversal
2023-10-19 15:15:00
nvd
nvd
CVE-2023-35185
2023-10-19 15:15:09
zdi
zdi
thn
thn
Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
2023-10-25 04:47:00
CVSS3
6.8
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
29.7%
Related for CVELIST:CVE-2023-35185