Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2024-23477
CVE-2024-23477:
SolarWinds Access Rights Manager vulnerability analysis and mitigation
Overview
The SolarWinds Access Rights Manager (ARM) was discovered to contain a Directory Traversal Remote Code Execution Vulnerability (CVE-2024-23477). This critical security flaw was identified in ARM version 2023.2.2 and prior versions, with the vulnerability being disclosed on February 15, 2024. The vulnerability allows unauthenticated users to achieve Remote Code Execution through directory traversal attacks (SolarWinds Advisory, NVD).
Technical details
The vulnerability exists within the openServerFileStream method and stems from inadequate validation of user-supplied paths prior to their use in file operations. It has received a CVSS v3.1 base score of 9.6 (Critical) from NIST with the vector string CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H, while SolarWinds assigned it a score of 7.9 (High) with the vector string CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H. The vulnerability is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) (ZDI Advisory, NVD).
Impact
If successfully exploited, this vulnerability enables attackers to execute arbitrary code in the context of SYSTEM privileges. The potential impact includes installation of malware or ransomware, theft of sensitive data, disruption of critical business operations, and the possibility of launching attacks on connected networks (Security Online, Help Net Security).
Mitigation and workarounds
SolarWinds has released version 2023.2.3 of Access Rights Manager (ARM) which contains fixes for this vulnerability. Organizations are strongly advised to upgrade to this version as no alternative mitigations or workarounds have been provided (Help Net Security, SolarWinds Advisory).
Community reactions
The vulnerability was responsibly disclosed through the Trend Micro Zero Day Initiative (ZDI) program, with credit given to an anonymous researcher. The discovery has raised particular concern given SolarWinds' previous high-profile security incident in 2020, leading to increased scrutiny of their security practices (Help Net Security).
Additional resources
Source: This report was generated using AI
Related SolarWinds Access Rights Manager vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management