May 15, 2024, 5 a.m. |

ZDI: Published Advisories

This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.6. The following CVEs are assigned: CVE-2024-23473.

access access rights attackers authentication authentication bypass bypass bypass vulnerability credentials cve cve-2024 cves cvss exploit hard hard-coded credentials manager rating rights solarwinds solarwinds access rights manager vulnerability zdi

More from / ZDI: Published Advisories

Sr. Product Manager

@ MixMode | Remote, US

Information Security Engineers

@ D. E. Shaw Research | New York City

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Engineer I, S/W QA Cyber Security

@ Boston Scientific | Pune, IN

Application Security and Secure-SDLC Expert

@ CYE | Herzliya, Israel