Critical severity10.0NVD Advisory· Published Apr 12, 2017· Updated Jun 17, 2026
CVE-2017-7722
CVE-2017-7722
Description
In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the restricted shell.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:a:solarwinds:log_\&_event_manager:6.3.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2- thwack.solarwinds.com/thread/111223nvdMitigationPatchVendor Advisory
- pentest.blog/unexpected-journey-4-escaping-from-restricted-shell-and-gaining-root-access-to-solarwinds-log-event-manager-siem-product/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.