High severity7.8CISA KEVNVD Advisory· Published Jun 17, 2016· Updated Apr 21, 2026

CVE-2016-3643

Description

SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."

Affected products

SolarWinds/Virtualization Manager
cpe:2.3:a:solarwinds:virtualization_manager:*:*:*:*:*:*:*:*
Range: <=6.3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/137487/Solarwinds-Virtualization-Manager-6.3.1-Privilege-Escalation.htmlnvdExploitThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/39967/nvdExploitThird Party AdvisoryVDB Entry
seclists.org/fulldisclosure/2016/Jun/26nvdMailing ListThird Party Advisory
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.004
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000