May 15, 2024, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.6. The following CVEs are assigned: CVE-2024-23473.

access access rights attackers authentication authentication bypass bypass bypass vulnerability credentials cve cve-2024 cves cvss exploit hard hard-coded credentials manager rating rights solarwinds solarwinds access rights manager vulnerability zdi

More from www.zerodayinitiative.com / ZDI: Published Advisories

Sr. Product Manager

@ MixMode | Remote, US

Information Security Engineers

@ D. E. Shaw Research | New York City

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Engineer I, S/W QA Cyber Security

@ Boston Scientific | Pune, IN

Application Security and Secure-SDLC Expert

@ CYE | Herzliya, Israel