Log \& Event Manager
Sign in to watchby SolarWinds
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-7722 | Cri | 0.72 | 10.0 | 0.50 | Apr 12, 2017 | In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the restricted shell. | |
| CVE-2017-7647 | Hig | 0.57 | 8.8 | 0.03 | Apr 10, 2017 | SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands. | |
| CVE-2017-7646 | Med | 0.42 | 6.5 | 0.01 | Apr 10, 2017 | SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within. |