3 matches found
CVE-2016-3643
SolarWinds Virtualization Manager
CVE-2016-3642
Summary: CVE-2016-3642 affects SolarWinds Virtualization Manager; the RMI service (port 1099/TCP) can be exploited via a crafted serialized Java object to achieve remote code execution, due to insecure deserialization tied to Apache Commons Collections (ACC). The vulnerability is present in 6.3.1...
CVE-2016-5709
CVE-2016-5709 affects SolarWinds Virtualization Manager 6.3.1 and earlier. The root cause is weak encryption of passwords stored in /etc/shadow, enabling a local attacker with superuser privileges to brute-force and obtain user passwords. Documented impact is local, with partial confidentiality e...