Lucene search

[email protected]CVE-2017-5198

HistoryMar 24, 2017 - 7:59 a.m.

CVE-2017-5198

2017-03-2407:59:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

solarwinds

lem

siem

sudo misconfiguration

root access

nvd

cve-2017-5198

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

6.4 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh.

CPENameOperatorVersion
solarwinds:log_and_event_managersolarwinds log and event managerlt6.3.1

CPE	Name	Operator	Version
solarwinds:log_and_event_manager	solarwinds log and event manager	lt	6.3.1

References

blog.0xlabs.com/2017/03/solarwinds-lem-ssh-jailbreak-and.html

www.securityfocus.com/bid/97094

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

6.4 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2017-5198

cvelist1 prion1 nessus2 openvas1