CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-7722

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1150%
EPSS Percentile20.63th
Published2017年4月12日
Last Modified2026年5月13日

Vulnerability Description

In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the restricted shell.

Affected Platforms (CPE)

📦
Solarwinds

Log \& Event Manager

= 6.3.1

References & Advisories

🔗 https://pentest.blog/unexpected-journey-4-escaping-from-restricted-shell-and-gaining-root-access-to-solarwinds-log-event-manager-siem-product/
🔗 https://thwack.solarwinds.com/thread/111223
🔗 https://pentest.blog/unexpected-journey-4-escaping-from-restricted-shell-and-gaining-root-access-to-solarwinds-log-event-manager-siem-product/
🔗 https://thwack.solarwinds.com/thread/111223

相关漏洞威胁

CVE-2017-76478.8

SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands.

CVE-2014-55047.5

SolarWinds Log and Event Manager before 6.0 uses "static" credentials, which makes it easier for remote attackers to obtain access...

CVE-1999-05757.5

A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Acces...

CVE-2019-123917.5

The Anviz Management System for access control has insufficient logging for device events such as door open requests.