Platform
solarwinds
Component
access-rights-manager
Fixed in
2023.2.5
CVE-2024-23475 represents a critical Directory Traversal and Information Disclosure vulnerability affecting SolarWinds Access Rights Manager. This flaw allows unauthenticated users to perform arbitrary file deletion and leak sensitive information, potentially leading to significant data breaches and system compromise. The vulnerability impacts versions of SolarWinds Access Rights Manager up to and including 2023.2.4. A patch is available in version 2024-3.
The impact of CVE-2024-23475 is severe due to its unauthenticated nature and the potential for arbitrary file deletion and information disclosure. An attacker could leverage this vulnerability to delete critical configuration files, database backups, or other sensitive data stored on the system. Successful exploitation could also lead to the exposure of credentials, personally identifiable information (PII), or proprietary business data. The ability to delete files could disrupt services and render the Access Rights Manager unusable, causing significant operational downtime. The lack of authentication required for exploitation dramatically increases the attack surface and potential for widespread compromise.
CVE-2024-23475 was publicly disclosed on July 17, 2024. Its CRITICAL CVSS score (9.6) indicates a high probability of exploitation. While no public proof-of-concept (PoC) has been widely released at the time of writing, the ease of exploitation inherent in directory traversal vulnerabilities suggests that a PoC is likely to emerge. The vulnerability has been added to the CISA KEV catalog, signifying a heightened level of concern and potential for exploitation in critical infrastructure environments.
Exploit Status
EPSS
0.24% (48% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-23475 is to upgrade SolarWinds Access Rights Manager to version 2024-3 or later, which contains the fix. If an immediate upgrade is not possible, consider implementing temporary workarounds. Restrict network access to the Access Rights Manager server to only authorized personnel. Implement strict file permissions to limit the impact of potential file deletion. Monitor system logs for suspicious activity, particularly attempts to access or modify files outside of expected directories. Consider using a Web Application Firewall (WAF) to filter out malicious requests attempting to exploit directory traversal vulnerabilities. After upgrading, confirm the vulnerability is resolved by attempting a directory traversal request and verifying that access is denied.
Update SolarWinds Access Rights Manager to version 2024-3 or later. The update addresses the directory traversal and information disclosure vulnerability. See the release notes for detailed upgrade instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-23475 is a critical vulnerability allowing unauthenticated attackers to delete files and leak sensitive information in SolarWinds Access Rights Manager versions up to 2023.2.4.
You are affected if you are running SolarWinds Access Rights Manager versions 2023.2.4 or earlier. Upgrade to 2024-3 or later to mitigate the risk.
Upgrade SolarWinds Access Rights Manager to version 2024-3 or later. Implement temporary workarounds like restricting network access and monitoring logs if an immediate upgrade is not possible.
While no widespread exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of active exploitation.
Refer to the official SolarWinds security advisory for detailed information and remediation steps: [https://www.solarwinds.com/securityadvisories](https://www.solarwinds.com/securityadvisories)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.