The vulnerability found in SolarWinds Access Rights Manager enables privilege escalation through a hard-coded credential authentication bypass, potentially allowing attackers to access the RabbitMQ management console and escalate privileges, giving them the ability to install programs, alter data, or create new accounts. Recommendations include applying updates, establishing vulnerability management processes, conducting penetration testing, and enabling anti-exploitation features to mitigate risks associated with this vulnerability.
https://www.cisecurity.org/advisory/a-vulnerability-in-solarwinds-access-rights-manager-could-allow-for-privilege-escalation_2024-057