September 16, 2024 at 05:27AM
SolarWinds has released patches for two vulnerabilities in its Access Rights Manager (ARM), including a critical-severity bug (CVE-2024-28991) that enables remote code execution. A second issue (CVE-2024-28990) allows an attacker to access the RabbitMQ management console. Both were fixed in version 2024.3.1, and users are advised to update their installations promptly. No exploitation in the wild has been reported.
SolarWinds has addressed two vulnerabilities in its Access Rights Manager. The first, tracked as CVE-2024-28991 with a CVSS score of 9.0, is a deserialization of untrusted data flaw that could allow a remote attacker to execute arbitrary code on an affected system; it was reported by Piotr Bazydlo of Trend Micro’s Zero Day Initiative. The second, tracked as CVE-2024-28990, is a hardcoded credential vulnerability that could allow an attacker to bypass authentication and access the RabbitMQ management console.
Both vulnerabilities are resolved in Access Rights Manager version 2024.3.1, and users are advised to update their installations as soon as possible. SolarWinds has not reported any exploitation of these vulnerabilities in the wild.