CVE-2023-35183 (GCVE-0-2023-35183)

Vulnerability from cvelistv5 – Published: 2023-10-19 14:23 – Updated: 2024-09-13 14:32
VLAI?
Title
SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability
Summary
The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation.
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-276 - Incorrect Default Permissions
Assigner
References
Impacted products
Vendor Product Version
SolarWinds Access Rights Manager Affected: previous versions , ≤ 2023.2.0.73 (2023.2)
Create a notification for this product.
Credits
Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:23:59.478Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35183"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:solarwinds:access_rights_manager:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "access_rights_manager",
            "vendor": "solarwinds",
            "versions": [
              {
                "lessThanOrEqual": "2023.2.0.73",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-35183",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-13T14:31:39.184442Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-13T14:32:25.149Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Access Rights Manager",
          "vendor": "SolarWinds",
          "versions": [
            {
              "lessThanOrEqual": "2023.2.0.73",
              "status": "affected",
              "version": "previous versions",
              "versionType": "2023.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
        }
      ],
      "datePublic": "2023-10-18T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation."
            }
          ],
          "value": "The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276 Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-19T14:23:59.019Z",
        "orgId": "49f11609-934d-4621-84e6-e02e032104d6",
        "shortName": "SolarWinds"
      },
      "references": [
        {
          "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35183"
        },
        {
          "url": "https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "All SolarWinds Access Rights Manager customers are advised to upgrade to the latest version of the SolarWinds Access Rights Manager 2023.2.1\u003cbr\u003e"
            }
          ],
          "value": "All SolarWinds Access Rights Manager customers are advised to upgrade to the latest version of the SolarWinds Access Rights Manager 2023.2.1\n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6",
    "assignerShortName": "SolarWinds",
    "cveId": "CVE-2023-35183",
    "datePublished": "2023-10-19T14:23:59.019Z",
    "dateReserved": "2023-06-14T20:03:23.107Z",
    "dateUpdated": "2024-09-13T14:32:25.149Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:solarwinds:access_rights_manager:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2023.2.0.73\", \"matchCriteriaId\": \"D2286244-6B0B-40D7-BC8B-8F843005B66B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation.\"}, {\"lang\": \"es\", \"value\": \"SolarWinds Access Rights Manager era susceptible a una vulnerabilidad de escalada de privilegios. Esta vulnerabilidad permite a los usuarios autenticados abusar de los recursos locales para escalar privilegios.\"}]",
      "id": "CVE-2023-35183",
      "lastModified": "2024-11-21T08:08:06.877",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@solarwinds.com\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
      "published": "2023-10-19T15:15:09.157",
      "references": "[{\"url\": \"https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35183\", \"source\": \"psirt@solarwinds.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35183\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@solarwinds.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"psirt@solarwinds.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-276\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-35183\",\"sourceIdentifier\":\"psirt@solarwinds.com\",\"published\":\"2023-10-19T15:15:09.157\",\"lastModified\":\"2024-11-21T08:08:06.877\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation.\"},{\"lang\":\"es\",\"value\":\"SolarWinds Access Rights Manager era susceptible a una vulnerabilidad de escalada de privilegios. Esta vulnerabilidad permite a los usuarios autenticados abusar de los recursos locales para escalar privilegios.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@solarwinds.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-276\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:solarwinds:access_rights_manager:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2023.2.0.73\",\"matchCriteriaId\":\"D2286244-6B0B-40D7-BC8B-8F843005B66B\"}]}]}],\"references\":[{\"url\":\"https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35183\",\"source\":\"psirt@solarwinds.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35183\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T16:23:59.478Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-35183\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-13T14:31:39.184442Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:solarwinds:access_rights_manager:*:*:*:*:*:*:*:*\"], \"vendor\": \"solarwinds\", \"product\": \"access_rights_manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2023.2.0.73\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-13T14:32:14.953Z\"}}], \"cna\": {\"title\": \"SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative\"}], \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SolarWinds\", \"product\": \"Access Rights Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"previous versions\", \"versionType\": \"2023.2\", \"lessThanOrEqual\": \"2023.2.0.73\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"All SolarWinds Access Rights Manager customers are advised to upgrade to the latest version of the SolarWinds Access Rights Manager 2023.2.1\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"All SolarWinds Access Rights Manager customers are advised to upgrade to the latest version of the SolarWinds Access Rights Manager 2023.2.1\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2023-10-18T07:00:00.000Z\", \"references\": [{\"url\": \"https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-35183\"}, {\"url\": \"https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-1_release_notes.htm\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This vulnerability allows authenticated users to abuse local resources to Privilege Escalation.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-276\", \"description\": \"CWE-276 Incorrect Default Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"49f11609-934d-4621-84e6-e02e032104d6\", \"shortName\": \"SolarWinds\", \"dateUpdated\": \"2023-10-19T14:23:59.019Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-35183\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-13T14:32:25.149Z\", \"dateReserved\": \"2023-06-14T20:03:23.107Z\", \"assignerOrgId\": \"49f11609-934d-4621-84e6-e02e032104d6\", \"datePublished\": \"2023-10-19T14:23:59.019Z\", \"assignerShortName\": \"SolarWinds\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.