CVE-2015-7840

critical

Description

The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) before 6.2.0 allows remote attackers to execute arbitrary code via unspecified vectors involving the ping feature.

References

https://security.gentoo.org/glsa/201603-11

http://www.solarwinds.com/documentation/lem/docs/releasenotes/releasenotes.htm

Details

Source: Mitre, NVD

Published: 2015-10-15

Updated: 2016-12-03

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical