VYPR

Log \& Event Manager

by SolarWinds

CVEs (3)

  • CVE-2017-7722CriApr 12, 2017
    risk 0.69cvss 10.0epss 0.13

    In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker…

  • CVE-2017-7647HigApr 10, 2017
    risk 0.57cvss 8.8epss 0.03

    SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands.

  • CVE-2017-7646MedApr 10, 2017
    risk 0.42cvss 6.5epss 0.01

    SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within.