Lucene search
HistoryOct 15, 2015 - 8:59 p.m.
CVE-2015-7840
solarwinds
log and event manager
cmc
remote code execution
cve-2015-7840
security vulnerability
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
5.2 Medium
AI Score
Confidence
High
0.019 Low
EPSS
Percentile
88.8%
The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) before 6.2.0 allows remote attackers to execute arbitrary code via unspecified vectors involving the ping feature.
Affected configurations
Node
solarwindslog_and_event_managerRange≤6.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| solarwinds:log_and_event_manager | solarwinds log and event manager | le | 6.1 |
Related
cvelist
cvelist
CVE-2015-7840
2015-10-15 20:00:00
prion
prion
Security feature bypass
2015-10-15 20:59:00
nvd
nvd
CVE-2015-7840
2015-10-15 20:59:11
nessus
nessus
openvas
openvas
SolarWinds Log and Event Manager Command Injection Vulnerability
2015-11-13 00:00:00
Gentoo Security Advisory GLSA 201603-11
2016-03-14 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2016-03-12 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
5.2 Medium
AI Score
Confidence
High
0.019 Low
EPSS
Percentile
88.8%
Related for CVE-2015-7840