# CVE-2024-28074

> It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. While some controls were implemented the researcher was able to bypass these and use a different method to exploit the vulnerability.

- **CVSS:** 9.6 (CRITICAL)
- **EPSS:** 0.1%
- **CWE:** CWE-502

Canonical: https://intel.threadlinqs.com/cve/CVE-2024-28074
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp