Vulnerabilities (CVE)

Filtered by vendor Solarwinds Subscribe
Filtered by product Log \& Event Manager
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-7722 1 Solarwinds 1 Log \& Event Manager 2024-11-21 10.0 HIGH 10.0 CRITICAL
In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the restricted shell.
CVE-2017-7647 1 Solarwinds 1 Log \& Event Manager 2024-11-21 6.5 MEDIUM 8.8 HIGH
SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands.
CVE-2017-7646 1 Solarwinds 1 Log \& Event Manager 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within.