Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.7
CVSSv3

CVE-2016-5709

Published: 24/06/2016 Updated: 30/11/2016
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1
VMScore: 169
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Virtualization Manager

Vulnerability Summary

SolarWinds Virtualization Manager 6.3.1 and previous versions uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack.

Vulnerable Product Search on Vulmon Subscribe to Product

solarwinds virtualization manager

References

CWE-200http://seclists.org/fulldisclosure/2016/Jun/38http://packetstormsecurity.com/files/137525/Solarwinds-Virtualization-Manager-6.3.1-Weak-Crypto.htmlhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook