CVE-2024-23465

Summary

The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. This vulnerability allows an unauthenticated user to gain domain admin access within the Active Directory environment.  

Affected Software

VendorProductVersion RangeStatus
SolarWindsAccess Rights Managerprevious versions <= 2023.2.4affected

Weaknesses

  • CWE-287: CWE-287 Improper Authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References