VYPR

LEM

by SolarWinds

CVEs (2)

  • CVE-2017-5199HigMar 24, 2017
    risk 0.57cvss 8.8epss 0.03

    The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl.

  • CVE-2017-5198HigMar 24, 2017
    risk 0.57cvss 8.8epss 0.01

    SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh.