CVE-2015-7840

high

Description

The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) before 6.2.0 allows remote attackers to execute arbitrary code via unspecified vectors involving the ping feature.

References

http://www.solarwinds.com/documentation/lem/docs/releasenotes/releasenotes.htm

https://security.gentoo.org/glsa/201603-11

Details

Source: MITRE

Published: 2015-10-15

Updated: 2016-12-03

Type: CWE-264

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH