exploitDog

CVE-2024-28993

Опубликовано: 17 июл. 2024

Источник: nvd

CVSS3: 7.6

CVSS3: 8.3

EPSS Низкий

Описание

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.

Ссылки

https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
Release Notes
Vendor Advisory
https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:solarwinds:access_rights_manager:*:*:*:*:*:*:*:*

Версия до 2024.3 (исключая)

EPSS

Процентиль: 70%

0.00636

Низкий

7.6 High

CVSS3

8.3 High

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-hg5v-hmf4-qqh9

CVSS3: 7.6

github

больше 1 года назад

The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.

EPSS

Процентиль: 70%

0.00636

Низкий

7.6 High

CVSS3

8.3 High

CVSS3

Дефекты

CWE-22