Solarwinds: >> Log And Event Manager >> 6.3.1 Security Vulnerabilities
The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl.
CVSS Score
8.8
EPSS Score
0.03
Published
2017-03-24
SolarWinds Log and Event Manager (LEM) allows remote attackers to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the traceroute functionality.
CVSS Score
7.5
EPSS Score
0.064
Published
2015-10-15