SolarWinds Log and Event Manager < 6.0.1 HyperSQL Remote Code Execution

high Nessus Plugin ID 78915

Synopsis

The remote web application is affected by a remote code execution vulnerability.

Description

According to its self-reported version number, the installation of SolarWinds Log and Event Manager on the remote host is a version prior to 6.0.1. It is, therefore, affected by a flaw in HyperSQL that allows a remote, unauthenticated user to execute arbitrary code under the context of the database on the remote host.

Note that some instances of version 6.0.0 may not be affected. Contact the vendor for more information.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to SolarWinds Log and Event Manager version 6.0.1 or later.

See Also

http://www.nessus.org/u?3853b7d8

http://www.nessus.org/u?244c12ad

Plugin Details

Severity: High

ID: 78915

File Name: solarwinds_lem_6_0_1.nasl

Version: 1.4

Type: remote

Family: CGI abuses

Published: 11/7/2014

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:solarwinds:log_and_event_manager

Required KB Items: installed_sw/SolarWinds Log and Event Manager

Exploit Ease: No exploit is required

Patch Publication Date: 8/26/2014

Vulnerability Publication Date: 9/3/2014

Reference Information

CVE: CVE-2014-5504

BID: 69559