SolarWinds Product Security Update Advisory
Overview
SolarWinds (https://www.solarwinds.com/) has released a security update that fixes vulnerabilities in its products. Users of affected systems are encouraged to update to the latest version.
Affected Products
SolarWinds Access Rights Manager (ARM) 2023.2.2 and earlier versions
Resolved Vulnerabilities
Deserialization of Untrusted Data Remote Code Execution (RCE) Vulnerabilities in ARM (CVE-2023-40057, CVE-2024-23478)
Path Traversal Remote Code Execution (RCE) Vulnerabilities in ARM (CVE-2024-23476, CVE-2024-23477, CVE-2024-23479)
Vulnerability Patches
Vulnerability patches were made available in the February 15, 2024 update. For more information about the patches, see the sites listed under Referenced Sites.
SolarWinds Access Rights Manager (ARM) version 2023.2.3
Referenced Sites
[1] ARM 2023.2.3 Release Notes
https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2023-2-3_release_notes.htm
[2] SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2023-40057)
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40057
[3] SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability (CVE-2024-23476)
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-23476
[4] SolarWinds Access Rights Manager (ARM) Traversal Remote Code Execution Vulnerability (CVE-2024-23477)
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-23477
[5] SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2024-23478)
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-23478
[6] SolarWinds Access Rights Manager (ARM) Traversal Remote Code Execution Vulnerability (CVE-2024-23479)
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-23479
[7] ARM Installation and Upgrade Guide
https://documentation.solarwinds.com/en/success_center/arm/content/arm_installation_guide.htm