Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds log and event manager vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2014-5504
SolarWinds Log and Event Manager prior to 6.0 uses "static" credentials, which makes it easier for remote malicious users to obtain access to the database and execute arbitrary code via unspecified vectors, related to HyperSQL.
Solarwinds Log And Event Manager
Solarwinds Log And Event Manager 5.6.0
Solarwinds Log And Event Manager 5.5.0
Solarwinds Log And Event Manager 5.2.0
Solarwinds Log And Event Manager 5.4.0
668
VMScore
CVE-2015-7839
SolarWinds Log and Event Manager (LEM) allows remote malicious users to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the traceroute functionality.
Solarwinds Log And Event Manager
668
VMScore
CVE-2015-7840
The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) prior to 6.2.0 allows remote malicious users to execute arbitrary code via unspecified vectors involving the ping feature.
Solarwinds Log And Event Manager
641
VMScore
CVE-2017-5198
SolarWinds LEM (aka SIEM) prior to 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh.
Solarwinds Log And Event Manager
578
VMScore
CVE-2017-5199
The editbanner feature in SolarWinds LEM (aka SIEM) up to and including 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl.
Solarwinds Log And Event Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started