The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. This vulnerability allows an unauthenticated user to gain domain admin access within the Active Directory environment.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.