Description
The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. This vulnerability allows an unauthenticated user to gain domain admin access within the Active Directory environment.
CVSS Metrics
- Vector
- CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
- Attack Vector
- adjacent network
- Complexity
- high
- Privileges
- none
- User Action
- none
- Scope
- changed
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-287CWE-287
Metadata
- Primary Vendor
- SOLARWINDS
- Published
- 7/17/2024
- Last Modified
- 2/26/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
solarwinds : access_rights_manager
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.