ARM 2024.3 release notes
Release date: July 17, 2024
These release notes were last updated on August 6, 2024.
Here's what's new in Access Rights Manager 2024.3.
Learn more
- See ARM 2024.3 system requirements to learn about prerequisites for running and installing ARM 2024.3.
- See the ARM 2024.3 Administrator Guide to learn how to work with ARM.
New features and improvements in ARM
Secure gRPC certificate based authentication
ARM Server includes gRPC certificate based authentication as a mechanism to secure communications with the ARM clients. These clients include the Collector, Rich Client, Web Client, and the Configuration application.
See Enable gRPC certificate based authentication for more information.
Updated procedure for registering new ARM clients
To prevent unauthorized access to your ARM deployment, new ARM clients must be registered with an InitCode that you generate in the Web Client.
See How to register the ARM clients located on the SolarWinds Support website for instructions.
Updated procedure for installing new collectors
To prevent unauthorized access to your ARM deployment, new collectors must be registered with an InitCode so the collector will successfully connect with the ARM server.
See How to register a manually installed collector in ARM located on the SolarWinds Support website for instructions.
Enhanced Web Client
You can now configure and execute Active Directory scripts in the Web Client.
Fixes
Case number | Description |
---|---|
00909054, 01070894, 01165224 | After you install ARM for the first time, you can display all Active Directory (AD) user accounts by pressing F5. |
00992621, 01261675, 01355526, 01055171 | Updating the group-specific characters in a File server change configuration no longer updates additional group wizard configurations on other file server resources. |
01174011 | When you generate a spreadsheet report that includes German content, the report tabs no longer display “invalid name” for report titles that exceed 31 characters. |
01240892 | The Analyze grid in the Web Client no longer displays blank fields after you enter a description. |
01501385, 01555074 | When you generate the All AD User accounts report, the report generates successfully and can be sent to an email recipient. |
01287307, 01568099 | A user with Data Owner privileges can now remove a user from a subdomain. |
01287307, 01568099 | You can now run the ARM Diagnostic tool after you complete the ARM installation. |
01321563 | When you export the All AD Accounts report to a Microsoft Excel spreadsheet, the Type column now includes the user type and account status. |
01351827, 01445227 | You can now perform a scan on over 1000 mailboxes. |
01324034, 01360604, 01324034 | After you configure and run a SharePoint Online scan, all SharePoint resources are available. |
01366607 | When you update the pnserver.config.xml file to disable single sign-on (SSO) and specify the login domain, the new parameters are applied correctly in the Web Client when users log in as the current Windows user. |
01375368 | A typo was corrected in the ARM user interface. |
01367379, 01371465 | The Web Client no longer generates an error when you analyze the file system permissions. |
01421757 | When you run the web client on a separate server, you can now change the translation language on the Login screen. |
01441219 | The Settings > Recertification page in the Web Client now displays the correct recertification date. |
01456543 | In the Web Client Resources view, you can now create private teams. |
01543132 | When you perform any action in the Web Client, the action response message now displays in your selected language. |
CVEs
SolarWinds would like to thank our Security Researchers below for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.
CVE-ID | Vulnerability title | Description | Severity | Credit |
---|---|---|---|---|
CVE-2024-23475 | SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability | The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 9.6 Critical | Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative |
CVE-2024-23469 | SolarWinds Access Rights Manager Exposed Dangerous Method Remote Code Execution Vulnerability | SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform actions with SYSTEM privileges. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 9.6 Critical | Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative |
CVE-2024-23472 | SolarWinds Access Rights Manager Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability | SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrarily read and delete files in ARM. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 9.6 Critical | Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative |
CVE-2024-23465 | SolarWinds Access Rights Manager (ARM) ChangeHumster Exposed Dangerous Method Authentication Bypass Vulnerability | The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. This vulnerability allows an unauthenticated user to gain domain admin access within the Active Directory environment. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 8.3 High | Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative |
CVE-2024-23466 | SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability | SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform actions with SYSTEM privileges. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 9.6 Critical | Anonymous working with Trend Micro Zero Day Initiative |
CVE-2024-28993 | SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability | The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 7.6 High | Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative |
CVE-2024-23467 | SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability | The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote code execution. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 9.6 Critical | Anonymous working with Trend Micro Zero Day Initiative |
CVE-2024-28992 | SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability | The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 7.6 High | Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative |
CVE-2024-28074 | SolarWinds Access Rights Manager (ARM) Internal Deserialization Remote Code Execution Vulnerability | It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. While some controls were implemented, the researcher was able to bypass these and use a different method to exploit the vulnerability. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 9.6 Critical | Anonymous working with Trend Micro Zero Day Initiative |
CVE-2024-23474 | SolarWinds Access Rights Manager (ARM) deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability | The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 7.6 High | Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative |
CVE-2024-23468 | SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability | The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 7.6 High | Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative |
CVE-2024-23471 | SolarWinds Access Rights Manager (ARM) CreateFile Directory Traversal Remote Code Execution Vulnerability | The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 9.6 Critical | Anonymous working with Trend Micro Zero Day Initiative |
CVE-2024-23470 | SolarWinds Access Rights Manager (ARM) UserScriptHumster Exposed Dangerous Method Remote Command Execution Vulnerability | The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities. | 9.6 Critical | Anonymous working with Trend Micro Zero Day Initiative |
Installation or upgrade
For new installations, you can download the installation file from the product page on https://www.solarwinds.com or from the Customer Portal. For more information, see the ARM Installation and Upgrade Guide.
If you are upgrading from a previous version, see Upgrade ARM in the ARM Installation and Upgrade Guide for instructions.
Known issues
Configwizard error
In some cases where the ARM server fails to restart automatically after the update, an error occurs in the basic config while configuring the Rabbit MQ credentials.
Resolution or workaround:
Manually restart the ARM service. If the error persists, delete the pnServer.messaging.config.xml file and restart the ARM service.
Collector security warning displays in Health Check
After you upgrade to ARM 2024.3, the following message displays in Health Check:
Collector security
Resolution or workaround: Ignore this warning. It is a false positive. See 'Collector security' warning in ARM 2024.3 located on the SolarWinds Support website for more information.
Exchange scan fails
When you run a scan on Microsoft Exchange, the scan fails and the following message is displayed on your screen:
Abnormal process termination
Resolution or workaround: SolarWinds recommends repairing the ARM installation, as the account is set for the Exchange scan in ARM. For additional workarounds, contact SolarWinds Technical Support.
This issue is still under investigation.
Collectors do not reconnect to the ARM Server after you restart the ARM Service
When you restart the ARM Service on the ARM server, the collectors do not reconnect to the ARM server.
Resolution or workaround: Restart the ARM Service on each collector machine. Repeat this process until each collector connects to the ARM Server. See ARM collectors do not connect after the update to ARM 2024.3 located on the SolarWinds Support website for instructions.
Connection security option does not display in the Web Client
If your ARM Server is running a legacy 8man license or an ARMA (audit) license version, the Connection security option does not display in the Web Client.
Resolution or workaround:
- Log in to the ARM Server as an administrator.
- Copy the files from one of the following directories to another directory:
  C:\Program Files\Protected Networks\8MAN\GrantMA\wwwroot
  or
  C:\Program Files\Solarwinds\ARM\GrantMA\wwwroot
- Save the new directory to an archive file using an archive utility (such as 7-Zip).
- Contact SolarWinds Technical Support.
- Send the archive file to the technical support personnel for the necessary modifications.
- Follow the instructions provided by the technical support personnel to complete the workaround.
Legal notices
© 2024 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.