Unrated severityNVD Advisory· Published Jul 21, 2015· Updated Jun 17, 2026
CVE-2015-5610
CVE-2015-5610
Description
The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central before 9.5.1.4514 uses the same password decryption key across different customers' installations, which makes it easier for remote authenticated users to obtain the cleartext domain-administrator password by locating the encrypted password within HTML source code and then leveraging knowledge of this key from another installation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:solarwinds:n-able_n-central:*:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:solarwinds:n-able_n-central:*:sp1:*:*:*:*:*:*range: <=9.5
- (no CPE)range: <9.5.1.4514
Patches
Vulnerability mechanics
References
2- www.kb.cert.org/vuls/id/912036nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/75969nvd
News mentions
0No linked articles in our index yet.