Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
log and event manager vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-5504
SolarWinds Log and Event Manager prior to 6.0 uses "static" credentials, which makes it easier for remote malicious users to obtain access to the database and execute arbitrary code via unspecified vectors, related to HyperSQL.
Solarwinds Log And Event Manager
Solarwinds Log And Event Manager 5.6.0
Solarwinds Log And Event Manager 5.5.0
Solarwinds Log And Event Manager 5.2.0
Solarwinds Log And Event Manager 5.4.0
7.2
CVSSv2
CVE-2017-5198
SolarWinds LEM (aka SIEM) prior to 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh.
Solarwinds Log And Event Manager
6.5
CVSSv2
CVE-2017-5199
The editbanner feature in SolarWinds LEM (aka SIEM) up to and including 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl.
Solarwinds Log And Event Manager
7.5
CVSSv2
CVE-2015-7839
SolarWinds Log and Event Manager (LEM) allows remote malicious users to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the traceroute functionality.
Solarwinds Log And Event Manager
7.5
CVSSv2
CVE-2015-7840
The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) prior to 6.2.0 allows remote malicious users to execute arbitrary code via unspecified vectors involving the ping feature.
Solarwinds Log And Event Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started