Platform
solarwinds
Component
access-rights-manager
Fixed in
2023.2.5
CVE-2024-23468 identifies a Directory Traversal and Information Disclosure vulnerability within the SolarWinds Access Rights Manager. This flaw allows unauthenticated users to perform arbitrary file deletion and potentially leak sensitive data. The vulnerability impacts versions of Access Rights Manager up to and including 2023.2.4, and a patch is available in version 2024.3.
The impact of CVE-2024-23468 is significant because no authentication is required and the flaw offers both a deletion and a disclosure primitive. Arbitrary file deletion lets an attacker remove any file the Access Rights Manager service account can write to, which may include the product's configuration files, its binaries, or data it stores, and so cause denial of service or break the product's access-control function. The information disclosure side lets the attacker read files the service account can reach, which may include credentials or other confidential material managed by the system. Successful exploitation could therefore lead to compromise of the Access Rights Manager server, and the data obtained could be reused for lateral movement to other systems in the network.
CVE-2024-23468 was publicly disclosed on July 17, 2024. At the time of writing there is no indication of active exploitation in the wild, no public proof-of-concept (PoC) code has been released, and the vulnerability is not listed in the CISA KEV catalog. Because no authentication is required and the impact is high, it is an attractive target for attackers, and the absence of a public PoC should not be read as a reason to defer patching.
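The paragraphs above describe the bug class (directory traversal turned into arbitrary file deletion and file disclosure) but not the vulnerable code, which is not public. The following is an added, generic illustration in Python, not SolarWinds code: a "delete by name" handler that joins a caller-supplied name onto a base directory without a containment check, beside a hardened version that resolves the path and refuses anything outside the base. The `uploads`/`config.ini` layout is constructed for the demo; the same `resolve_contained` check is what a read-file handler would need to close the disclosure side.

```python
"""Directory traversal in a delete-by-name handler: vulnerable vs. hardened.

Illustrative example added here; it is not the Access Rights Manager code
and the directory layout below is constructed for the demonstration.
"""
import os
import shutil
import tempfile


def delete_vulnerable(base_dir: str, name: str) -> str:
    """Vulnerable pattern: trusts the caller-supplied name.

    os.path.join() keeps '..' segments, and an absolute name replaces
    base_dir entirely, so '../config.ini' or '/etc/x' escape the directory.
    """
    target = os.path.join(base_dir, name)
    os.remove(target)
    return target


def resolve_contained(base_dir: str, name: str) -> str:
    """Resolve '..' and symlinks, then require the result to stay inside base_dir."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, name))
    try:
        contained = os.path.commonpath([base, target]) == base
    except ValueError:          # e.g. different drives on Windows
        contained = False
    if not contained:
        raise PermissionError(f"path traversal rejected: {name!r}")
    if target == base:
        raise PermissionError("refusing to operate on the base directory itself")
    return target


def delete_hardened(base_dir: str, name: str) -> str:
    """Same operation as delete_vulnerable, but only inside base_dir."""
    target = resolve_contained(base_dir, name)
    os.remove(target)
    return target


def demo() -> dict:
    """Constructed scenario: an 'uploads' directory the handler may touch and a
    sibling 'config.ini' it must never reach. Returns what each variant did."""
    root = tempfile.mkdtemp()
    try:
        uploads = os.path.join(root, "uploads")
        os.mkdir(uploads)
        secret = os.path.join(root, "config.ini")
        open(secret, "w").close()
        results = {}

        # Vulnerable handler: '../' walks out of uploads and deletes the sibling file.
        delete_vulnerable(uploads, "../config.ini")
        results["vulnerable_deleted_outside"] = not os.path.exists(secret)

        # Hardened handler: the same input is rejected and the file survives.
        open(secret, "w").close()
        try:
            delete_hardened(uploads, "../config.ini")
            results["hardened_blocked_traversal"] = False
        except PermissionError:
            results["hardened_blocked_traversal"] = True
        results["secret_survives"] = os.path.exists(secret)

        # An absolute path is rejected too (os.path.join would otherwise honour it).
        try:
            delete_hardened(uploads, secret)
            results["hardened_blocked_absolute"] = False
        except PermissionError:
            results["hardened_blocked_absolute"] = True

        # Legitimate names inside the directory still work.
        inside = os.path.join(uploads, "report.csv")
        open(inside, "w").close()
        delete_hardened(uploads, "report.csv")
        results["hardened_allows_inside"] = not os.path.exists(inside)
        return results
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The check is done on the resolved path rather than by rejecting the string `..`, so encoded or symlinked variants of the same escape are caught as well; it does not address the race between the check and the `os.remove` call, which needs file-descriptor-based operations to close fully.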
Exploit Status
EPSS
0.64% (70th percentile)
The primary mitigation for CVE-2024-23468 is to upgrade SolarWinds Access Rights Manager to version 2024.3 or later, which contains the fix. If an immediate upgrade is not feasible, reduce exposure in the meantime: restrict network access to the Access Rights Manager server to the users and systems that need it, and review and harden file permissions on the host so that the service account can delete or read only what it must, which limits what a traversal can reach. A WAF should not be relied on as a compensating control for this vulnerability. After upgrading, confirm the fix by checking that the installed version reports 2024.3 or later, and keep the advisory's guidance in mind since the same release addresses other Access Rights Manager issues.
Update SolarWinds Access Rights Manager to version 2024.3 or later. This update fixes the directory traversal and information disclosure vulnerability. See the release notes for detailed upgrade instructions.
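To turn the "2023.2.4 or earlier is affected, 2024.3 or later is fixed" rule above into a repeatable check, here is an added Python example (not a SolarWinds tool). It compares dotted version strings component by component, so that `2024.3` and `2024.3.0` are treated as equal, and, on a Windows host, looks up the product's `DisplayVersion` in the standard uninstall registry keys. Matching the uninstall entry by a `DisplayName` containing "Access Rights Manager" is an assumption about how the installer registers itself; adjust the match if your install differs.

```python
"""Check whether an Access Rights Manager build is in the affected range for CVE-2024-23468.

Added example, not SolarWinds code. Version boundaries are taken from the advisory
(affected through 2023.2.4, fixed in 2024.3); the registry DisplayName match is an
assumption about the installer.
"""
import re

FIXED_VERSION = "2024.3"      # first fixed release per the advisory
LAST_AFFECTED = "2023.2.4"    # last affected release per the advisory


def parse_version(text: str) -> tuple:
    """'2023.2.4' -> (2023, 2, 4, 0). Keeps only the leading dotted-integer part,
    so a suffix such as ' HF1' is ignored, and pads to four fields so that
    2024.3 compares equal to 2024.3.0."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (4 - len(parts))


def is_affected(version: str) -> bool:
    """True when the build predates the fixed release."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def installed_arm_versions() -> list:
    """Windows only: return [(DisplayName, DisplayVersion), ...] for uninstall
    entries whose name mentions Access Rights Manager (assumed match).
    Returns [] on non-Windows hosts."""
    try:
        import winreg
    except ImportError:
        return []
    found = []
    uninstall_paths = [
        r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
        r"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    ]
    for path in uninstall_paths:
        try:
            root = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, path)
        except OSError:
            continue
        index = 0
        while True:
            try:
                sub = winreg.EnumKey(root, index)
            except OSError:
                break            # no more subkeys
            index += 1
            try:
                with winreg.OpenKey(root, sub) as key:
                    name, _ = winreg.QueryValueEx(key, "DisplayName")
                    if "access rights manager" in name.lower():
                        ver, _ = winreg.QueryValueEx(key, "DisplayVersion")
                        found.append((name, ver))
            except OSError:
                continue         # entry without DisplayName/DisplayVersion
    return found


def report() -> list:
    """Pair each installed entry with its affected/fixed verdict."""
    return [(name, ver, is_affected(ver)) for name, ver in installed_arm_versions()]


if __name__ == "__main__":
    rows = report()
    if not rows:
        print("no Access Rights Manager uninstall entry found (or not a Windows host)")
    for name, ver, affected in rows:
        print(f"{name} {ver}: {'AFFECTED, upgrade to ' + FIXED_VERSION if affected else 'fixed'}")
```

Run it on the Access Rights Manager server itself; a verdict of "fixed" only means the version is at or past 2024.3, so the host still needs the advisory's other items reviewed.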
CVE-2024-23468 is a Directory Traversal vulnerability affecting SolarWinds Access Rights Manager versions up to 2023.2.4, allowing unauthenticated attackers to delete files and leak sensitive information.
You are affected if you are running SolarWinds Access Rights Manager version 2023.2.4 or earlier. Upgrade to 2024.3 or later to mitigate the risk.
Upgrade SolarWinds Access Rights Manager to version 2024.3 or later. As a temporary workaround, restrict network access and review file permissions.
There is currently no indication of active exploitation in the wild, but because the vulnerability requires no authentication it remains a likely target.
Refer to the official SolarWinds security advisory for detailed information and patching instructions: [https://www.solarwinds.com/securityadvisories](https://www.solarwinds.com/securityadvisories)