从这个网页截图中,可以获取到以下关于漏洞的关键信息: 1. 漏洞编号和描述: - CVE-2024-28990:SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability。 - CVE-2024-28991:SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution Vulnerability。 2. 漏洞严重性: - CVE-2024-28990:Medium。 - CVE-2024-28991:Critical。 3. 漏洞描述: - CVE-2024-28990:SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. - CVE-2024-28991:SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution. 4. 漏洞发现者: - CVE-2024-28990:Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative。 - CVE-2024-28991:Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative。 这些信息详细描述了两个已知的漏洞,包括漏洞的编号、严重性、描述以及发现漏洞的人员。