Platform: windows
Component: access-rights-manager
Fixed in: 2023.2.5
CVE-2024-28993 is a critical directory traversal and information disclosure vulnerability in SolarWinds Access Rights Manager. The flaw allows unauthenticated users to delete arbitrary files and potentially expose sensitive data stored on the system. It affects versions of Access Rights Manager prior to 2023.2.4; a patch is available in version 2024-3.
The impact of CVE-2024-28993 is significant due to its unauthenticated nature and the potential for both data loss and information disclosure. An attacker could leverage this vulnerability to delete critical configuration files, system binaries, or even user data, effectively disrupting Access Rights Manager functionality. Furthermore, the ability to leak sensitive information could expose credentials, audit logs, or other confidential data, leading to further compromise. The ease of exploitation, requiring no authentication, significantly broadens the attack surface and increases the risk of widespread exploitation.
CVE-2024-28993 was publicly disclosed on July 17, 2024. The vulnerability's ease of exploitation and potential impact suggest a medium probability of exploitation (EPSS score likely medium). No public proof-of-concept (PoC) code had been released as of this writing, but the simplicity of the directory traversal technique makes it likely that PoCs will emerge. Monitor security advisories and threat intelligence feeds for updates.
Exploit Status
EPSS: 0.64% (70th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-28993 is to upgrade SolarWinds Access Rights Manager to version 2024-3 or later, which contains the fix. If an immediate upgrade is not feasible, consider temporary workarounds such as restricting access to the affected endpoints through a Web Application Firewall (WAF) or proxy server. Configure the WAF to block requests containing path traversal sequences such as '../'. Regularly monitor Access Rights Manager logs for unusual file access or deletion attempts. Review and harden file permissions to limit the impact of any file deletion.
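As an added example (not from the advisory or from SolarWinds), the following log check illustrates the monitoring step above: it normalizes each request target before testing for traversal, because a rule that matches only the literal '../' misses percent-encoded, double-encoded and backslash variants. The log format and the /api/v1/... paths are constructed for the example and are not Access Rights Manager's real endpoints.

```python
import re
from urllib.parse import unquote

# Constructed sample request log lines (client, method+target, status).
# These are illustrative only, not real Access Rights Manager log entries.
SAMPLE_LOG = [
    '10.0.0.5 "GET /api/v1/reports?name=quarterly.csv" 200',
    '10.0.0.9 "GET /api/v1/files?path=../../Windows/win.ini" 200',
    '10.0.0.9 "DELETE /api/v1/files?path=%2e%2e%2f%2e%2e%2fconfig%2fapp.config" 204',
    '10.0.0.9 "GET /api/v1/files?path=..%255c..%255cboot.ini" 200',
    '10.0.0.7 "GET /static/app..js" 200',  # dots inside a filename, not traversal
]

LINE_RE = re.compile(r'^(?P<src>\S+) "(?P<method>[A-Z]+) (?P<target>\S+)" (?P<status>\d{3})$')
# A bare ".." segment: preceded by start, a slash, or a query delimiter,
# and followed by a slash or the end of the string.
TRAVERSAL_RE = re.compile(r'(?<![^\\/=?&])\.\.(?=[\\/]|$)')


def normalize(target: str) -> str:
    """Percent-decode repeatedly (up to 3 rounds) so double-encoded sequences
    such as %252e%252e%255c collapse to their literal form, then unify
    backslashes to forward slashes so one pattern covers both separators."""
    decoded = target
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace('\\', '/')


def is_traversal(target: str) -> bool:
    """True when any path or query segment, after normalization, is '..'."""
    return TRAVERSAL_RE.search(normalize(target)) is not None


def scan_log(lines):
    """Return (src, method, normalized target, status) for each suspicious line."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if m and is_traversal(m['target']):
            hits.append((m['src'], m['method'], normalize(m['target']), m['status']))
    return hits


if __name__ == '__main__':
    for hit in scan_log(SAMPLE_LOG):
        print('traversal attempt:', hit)
```

A DELETE hit on a normalized traversal path is the case most worth alerting on for this CVE, since the advisory describes arbitrary file deletion.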
Upgrade SolarWinds Access Rights Manager to version 2024-3 or later. The update fixes the directory traversal and information disclosure vulnerability. Consult the release notes for detailed upgrade instructions.
CVE-2024-28993 is a vulnerability allowing unauthenticated attackers to delete files and leak information in SolarWinds Access Rights Manager versions before 2024-3.
You are affected if you are running SolarWinds Access Rights Manager versions prior to 2023.2.4. Upgrade to 2024-3 to mitigate the risk.
Upgrade to SolarWinds Access Rights Manager version 2024-3 or later. As a temporary workaround, restrict access via a WAF or proxy.
While no public exploits are currently known, the vulnerability's ease of exploitation suggests a potential for active exploitation. Monitor security advisories.
Refer to the official SolarWinds security advisory on their website for detailed information and patching instructions.