SolarWinds reports vulnerabilities in Access Rights Manager, one critical
Take action: If you are using SolarWinds Access Rights Manager (ARM), plan a round of patching soon. Both flaws have preconditions and details are not disclosed, but attackers will find a way to exploit them soon enough. No need to panic, but don't delay too much.
SolarWinds has disclosed two vulnerabilities in its Access Rights Manager (ARM) platform, potentially allowing attackers to bypass authentication and execute remote code.
Vulnerability details
- CVE-2024-28991 (CVSS score 9.0) - enables an attacker who has already authenticated to the ARM platform to execute arbitrary code. Successful exploitation could grant the attacker full control over the compromised systems, posing a severe threat to organizations relying on ARM for access management. The vulnerability's exploitation mechanism has not been fully disclosed by the vendor, and there is currently no available method for administrators to detect whether their systems have been compromised.
- CVE-2024-28990 (CVSS score 6.3) - hard-coded credentials. This flaw allows attackers to gain unauthorized access to the management console of the RabbitMQ message broker software used within ARM.
SolarWinds has released the Access Rights Manager 2024.3.1 update to address these vulnerabilities. This update not only patches the identified flaws but also includes several bug fixes aimed at enhancing the platform's overall functionality. Some of the improvements include resolving warning messages that appear when scanning Active Directory servers. However, known issues remain, such as potential failures when scanning Exchange servers.
Organizations using SolarWinds Access Rights Manager are strongly advised to apply the 2024.3.1 update immediately.
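Since the only remediation on offer is the 2024.3.1 build, the practical defender task is confirming that every ARM instance actually runs it. The following is an added example (not SolarWinds code) of a patch-compliance check; it assumes ARM reports its version as a dotted string such as "2024.3.1", and the inventory it runs over is constructed sample data, not real hosts.

```python
"""Patch-compliance check for SolarWinds Access Rights Manager (ARM).

Added example, not SolarWinds code. It assumes ARM reports its version as a
dotted string such as "2024.3.1" (the fixed build named in the advisory);
the sample inventory below is constructed, not real data.
"""
from __future__ import annotations

# First release carrying the fixes for CVE-2024-28990 and CVE-2024-28991.
FIXED_VERSION = "2024.3.1"


def parse_version(version: str) -> tuple[int, ...]:
    """Turn "2024.3.1" into (2024, 3, 1) so comparison is numeric, not lexical.

    A naive string compare would rank "2024.10.0" below "2024.3.1" because
    "1" sorts before "3"; integer tuples avoid that. Missing trailing
    components are treated as zero, so "2024.3" equals "2024.3.0".
    """
    parts = tuple(int(p) for p in version.strip().split("."))
    return parts + (0,) * (3 - len(parts))


def needs_patch(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed ARM build predates the fixed release."""
    return parse_version(installed) < parse_version(fixed)


def triage(inventory: dict[str, str]) -> list[str]:
    """Return the hostnames (sorted) that still run a pre-fix ARM build."""
    return sorted(host for host, ver in inventory.items() if needs_patch(ver))


# Constructed sample inventory: hostname -> ARM version it reports.
# Hostnames and versions are illustrative placeholders.
SAMPLE_INVENTORY = {
    "arm-prod-01": "2024.3",      # short form of an older build, still vulnerable
    "arm-prod-02": "2024.3.1",    # the fixed release
    "arm-lab-01": "2023.2.3",     # clearly pre-fix
    "arm-dr-01": "2024.10.0",     # hypothetical later build; lexical compare would get this wrong
}

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: ARM {SAMPLE_INVENTORY[host]} predates {FIXED_VERSION}, patch required")
```

Feed `triage` whatever your asset inventory exports for ARM hosts; the numeric tuple comparison is the part worth keeping, since a plain string comparison silently misclassifies any future release whose minor number has two digits.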