CVE-2017-5199

The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl.
Configurations

Configuration 1 (hide)

cpe:2.3:a:solarwinds:log_and_event_manager:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:27

Type Values Removed Values Added
References () http://blog.0xlabs.com/2017/03/solarwinds-lem-ssh-jailbreak-and.html - Third Party Advisory () http://blog.0xlabs.com/2017/03/solarwinds-lem-ssh-jailbreak-and.html - Third Party Advisory
References () http://www.securityfocus.com/bid/97090 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/97090 - Third Party Advisory, VDB Entry

Information

Published : 2017-03-24 07:59

Updated : 2024-11-21 03:27


NVD link : CVE-2017-5199

Mitre link : CVE-2017-5199

CVE.ORG link : CVE-2017-5199


JSON object : View

Products Affected

solarwinds

  • log_and_event_manager
CWE
CWE-732

Incorrect Permission Assignment for Critical Resource