CVE-2024-28990: 
SolarWinds Access Rights Manager vulnerability analysis and mitigation

SolarWinds Access Rights Manager (ARM) was identified with a hard-coded credential authentication bypass vulnerability (CVE-2024-28990). The vulnerability was discovered by Piotr Bazydlo of Trend Micro Zero Day Initiative (ZDI) and affects ARM versions prior to 2024.3.1. The issue was disclosed on September 12, 2024, and received a CVSS v3.1 base score of 6.3 (Medium) from SolarWinds, while the NVD assessment rated it at 8.8 (High) (SolarWinds Advisory, NVD).

The vulnerability exists within the configuration of a RabbitMQ instance and stems from the use of hard-coded credentials. The flaw is classified under CWE-798 (Use of Hard-coded Credentials). According to the CVSS vector string CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H assigned by NVD, the vulnerability requires adjacent network access, has low attack complexity, requires no privileges or user interaction, and could result in high impacts to confidentiality, integrity, and availability (ZDI Advisory, CERT-EU).

If successfully exploited, this vulnerability would allow unauthorized access to the RabbitMQ management console. The potential impact includes unauthorized access to sensitive data and possible compromise of the ARM system's security controls (CERT-EU).

SolarWinds has released version 2024.3.1 of Access Rights Manager to address this vulnerability. Organizations are strongly advised to update their ARM installations to this latest version immediately (ARM Release Notes).