#VU97185 Use of hard-coded credentials in Access Rights Manager - CVE-2024-28990

Cybersecurity Help s.r.o.

Published: 2024-09-12 | Updated: 2024-09-16

Vulnerability identifier: #VU97185

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-28990

CWE-ID: CWE-798

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Access Rights Manager
Server applications / Other server solutions

Vendor: SolarWinds

Description

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to presence of hard-coded credentials in application code. A remote unauthenticated attacker can access the RabbitMQ management console.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Access Rights Manager: 2019.4 - 2024.3

External links
https://documentation.solarwinds.com/en/Success_Center/ARM/Content/release_notes/arm_2024-3-1_release_notes.htm
https://www.zerodayinitiative.com/advisories/ZDI-24-1225/
https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28990

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in SolarWinds Access Rights Manager