
CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh. • http://blog.0xlabs.com/2017/03/solarwinds-lem-ssh-jailbreak-and.html • http://www.securityfocus.com/bid/97094

CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl. • http://blog.0xlabs.com/2017/03/solarwinds-lem-ssh-jailbreak-and.html • http://www.securityfocus.com/bid/97090 • CWE-732: Incorrect Permission Assignment for Critical Resource

CVSS: 7.5 | EPSS: 1% | CPEs: 1 | EXPL: 0

The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) before 6.2.0 allows remote attackers to execute arbitrary code via unspecified vectors involving the ping feature. • http://www.solarwinds.com/documentation/lem/docs/releasenotes/releasenotes.htm • https://security.gentoo.org/glsa/201603-11 • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 7.5 | EPSS: 44% | CPEs: 1 | EXPL: 0

SolarWinds Log and Event Manager (LEM) allows remote attackers to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the traceroute functionality. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Log and Event Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within requests to /services/messagebroker/nonsecurestreamingamf utilizing the traceroute functionality. A command injection vulnerability exists which allows an attacker to execute arbitrary commands on all managed computers using the LEM agent connected to the Log and Event Manager. • http://www.zerodayinitiative.com/advisories/ZDI-15-461 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CVSS: 7.5 | EPSS: 94% | CPEs: 5 | EXPL: 0

SolarWinds Log and Event Manager before 6.0 uses "static" credentials, which makes it easier for remote attackers to obtain access to the database and execute arbitrary code via unspecified vectors, related to HyperSQL. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Log and Event Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the usage of HyperSQL. The issue lies in the usage of static credentials to access the database. • http://www.solarwinds.com/documentation/lem/docs/releasenotes/releasenotes.htm • http://www.zerodayinitiative.com/advisories/ZDI-14-303 • CWE-255: Credentials Management Errors