The Bishop Fox assessment team discovered an arbitrary command injection vulnerability within the SolarWinds’ Log & Event Manager (LEM) management console (CMC). The CMC is a restricted environment providing functionality for upgrading or maintaining LEM appliances. This vulnerability allows an authenticated user to bypass restrictions imposed by the CMC and execute arbitrary commands on the vulnerable system as the root user.
Filter by Date:
- Bishop Fox To Demonstrate Large-Scale Attacks At RSA Conference
- Bishop Fox to Demonstrate Three Innovative Tools at Black Hat Tools Arsenal
- Bishop Fox to Speak at Black Hat, DEF CON, and BSides Las Vegas 2015
- Bishop Fox Reveals Vulnerabilities in Home, Office, and Building Security Systems
- 3TV News – Valley Man Creates Website to Test Online Retailers’ Security