An improper access control vulnerability was discovered in the SolarWinds’ Log & Event Manager (LEM) management console (CMC). The CMC is a restricted environment providing functionality for upgrading or maintaining LEM appliances. This vulnerability allows an authenticated user to bypass restrictions imposed by the CMC and browse the underlying server’s filesystem, as well as read the contents of arbitrary files contained within.
Filter by Date:
- Bishop Fox To Demonstrate Large-Scale Attacks At RSA Conference
- Bishop Fox to Demonstrate Three Innovative Tools at Black Hat Tools Arsenal
- Bishop Fox to Speak at Black Hat, DEF CON, and BSides Las Vegas 2015
- Bishop Fox Reveals Vulnerabilities in Home, Office, and Building Security Systems
- 3TV News – Valley Man Creates Website to Test Online Retailers’ Security