Platform: solarwinds
Component: access-rights-manager
Fixed in: 2023.2.5
CVE-2024-23474 identifies a Directory Traversal vulnerability within the SolarWinds Access Rights Manager. This flaw allows unauthorized users to potentially delete arbitrary files and expose sensitive information on the system. The vulnerability impacts versions of the software up to and including 2023.2.4, and a patch is available in version 2024.3.
Successful exploitation of CVE-2024-23474 could lead to severe consequences. An attacker could leverage this directory traversal to delete critical system files, potentially disrupting Access Rights Manager functionality and impacting the broader network. Information disclosure is another significant risk, as sensitive data stored on the server could be exposed. The potential for lateral movement exists if the attacker can leverage the compromised server to access other systems within the network. The blast radius extends to any data managed by Access Rights Manager, including user credentials, access policies, and audit logs.
CVE-2024-23474 was publicly disclosed on July 17, 2024. The vulnerability's impact, allowing arbitrary file deletion, raises concerns about potential exploitation. There are currently no publicly available proof-of-concept exploits, but the ease of directory traversal exploitation suggests a medium probability of exploitation. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS: 0.06% (20th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-23474 is to upgrade to SolarWinds Access Rights Manager version 2024.3 or later. If an immediate upgrade is not feasible, consider implementing temporary workarounds. Deploy a Web Application Firewall (WAF) with rules to restrict access to sensitive files and directories. Review and tighten file access permissions within the Access Rights Manager installation directory. Monitor Access Rights Manager logs for suspicious activity, particularly attempts to access files outside of expected locations. After upgrading, verify the fix by attempting to access restricted files and confirming access is denied.
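The mitigation paragraph above recommends tightening file access within the installation directory and monitoring logs for attempts to reach files outside expected locations. The Python below is an added example and is not SolarWinds code or part of the original advisory. It shows the two defensive pieces a practitioner would want for this defect class: a containment check that resolves a requested filename against a base directory and refuses anything that escapes it (the control whose absence makes directory traversal possible), and a scan over constructed access-log lines that flags traversal sequences, including URL-encoded and double-encoded forms. The base directory, the log layout, and the /example/download endpoint are assumptions made for the example.

```python
import os
from urllib.parse import unquote

# Assumed data directory for the example; the real Access Rights Manager layout
# is not described on the page.
BASE_DIR = "/opt/arm/data"


def resolve_within_base(base_dir, user_path):
    """Return the absolute path for user_path if it stays inside base_dir, else None.

    The check is done on the fully resolved path (normalised, '..' collapsed,
    symlinks followed), not on the raw string, so encodings and mixed
    separators cannot smuggle a '..' past a naive substring filter.
    """
    # Decode once, as a web framework would before handing the value to file code.
    decoded = unquote(user_path).replace("\\", "/")
    base = os.path.realpath(base_dir)
    # lstrip keeps an absolute user path from replacing the base in os.path.join.
    candidate = os.path.realpath(os.path.join(base, decoded.lstrip("/")))
    if candidate == base or candidate.startswith(base + os.sep):
        return candidate
    return None


def flag_traversal_requests(log_lines):
    """Return (line_number, request_path) for log lines whose path contains
    a traversal sequence after one and two rounds of URL decoding."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        parts = line.split()
        # Assumed log layout for this example: METHOD PATH STATUS.
        if len(parts) < 2:
            continue
        raw_path = parts[1]
        # Decode twice so %252e%252e%252f (double-encoded '../') is caught too.
        decoded = unquote(unquote(raw_path)).replace("\\", "/")
        if "../" in decoded:
            hits.append((number, raw_path))
    return hits


# Constructed sample log lines; the /example/download endpoint is hypothetical.
SAMPLE_LOG = [
    "GET /example/download?file=reports/summary.csv 200",
    "GET /example/download?file=../../../Windows/win.ini 200",
    "DELETE /example/download?file=..%2F..%2Fconfig%2Fsettings.xml 200",
    "GET /example/download?file=%252e%252e%252fsecrets.txt 404",
    "GET /example/status 200",
]

if __name__ == "__main__":
    for name in ("reports/summary.csv", "../../etc/passwd", "reports/..%2F..%2Fsecret.txt"):
        print(name, "->", resolve_within_base(BASE_DIR, name))
    for number, path in flag_traversal_requests(SAMPLE_LOG):
        print(f"line {number}: traversal sequence in {path}")
```

The containment check is what a fix for this bug class looks like on the server side; the log scan is the monitoring step from the mitigation paragraph, and its matches are the entries worth correlating with file-deletion events on the host.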
Upgrade SolarWinds Access Rights Manager to version 2024.3 or later. This update fixes the arbitrary file deletion and information disclosure vulnerability.
CVE-2024-23474 is a Directory Traversal vulnerability affecting SolarWinds Access Rights Manager versions up to 2023.2.4, allowing attackers to potentially delete files and disclose information.
You are affected if you are using SolarWinds Access Rights Manager versions 2023.2.4 or earlier. Upgrade to 2024.3 to mitigate the risk.
The recommended fix is to upgrade to SolarWinds Access Rights Manager version 2024.3 or later. Implement WAF rules as a temporary workaround.
While no public exploits are currently available, the nature of the vulnerability suggests a medium probability of exploitation.
Refer to the official SolarWinds security advisory for detailed information and updates: [https://www.solarwinds.com/securityadvisories](https://www.solarwinds.com/securityadvisories)