Log & Event Manager

log_&_event_manager

Vendor: Solarwinds • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-7722 1Solarwinds 1Log & Event Manager May 13, 2026 Apr 12, 2017 N/A· v4 10.0 CRITICAL· v3 10.0 HIGH· v2 In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in...Show more In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the restricted shell.Show less
CVE-2017-7647 1Solarwinds 1Log & Event Manager May 13, 2026 Apr 10, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands.
CVE-2017-7646 1Solarwinds 1Log & Event Manager May 13, 2026 Apr 10, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to browse the server's filesystem and read the contents of arbitrary files contained within.