Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-7722 | 1 Solarwinds | 1 Log \& Event Manager | 2024-11-21 | 10.0 HIGH | 10.0 CRITICAL |
In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the restricted shell. | |||||
CVE-2017-7647 | 1 Solarwinds | 1 Log \& Event Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands. | |||||
CVE-2017-7646 | 1 Solarwinds | 1 Log \& Event Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within. |