CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-5199

The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.03

EPSS Ranking 86.0%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

http://blog.0xlabs.com/2017/03/solarwinds-lem-ssh-jailbreak-and.html
http://www.securityfocus.com/bid/97090
http://blog.0xlabs.com/2017/03/solarwinds-lem-ssh-jailbreak-and.html
http://www.securityfocus.com/bid/97090

Products affected by CVE-2017-5199

Solarwinds » Log And Event Manager » Version: 6.1

cpe:2.3:a:solarwinds:log_and_event_manager:6.1
Solarwinds » Log And Event Manager » Version: 6.2

cpe:2.3:a:solarwinds:log_and_event_manager:6.2
Solarwinds » Log And Event Manager » Version: 6.2.1

cpe:2.3:a:solarwinds:log_and_event_manager:6.2.1
Solarwinds » Log And Event Manager » Version: 6.3.0

cpe:2.3:a:solarwinds:log_and_event_manager:6.3.0
Solarwinds » Log And Event Manager » Version: 6.3.1

cpe:2.3:a:solarwinds:log_and_event_manager:6.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5199

Products

Pricing

Contact Us