Test ID:	1.3.6.1.4.1.25623.1.0.106698
Category:	Web application abuses
Title:	SolarWinds Log and Event Manager SSH Jailbreak and Privilege Escalation Vulnerabilities
Summary:	SolarWinds LEM is prone to multiple vulnerabilities.
Description:	Summary: SolarWinds LEM is prone to multiple vulnerabilities. Vulnerability Insight: SolarWinds LEM is prone to multiple vulnerabilities: - Incorrect permissions on management scripts allows privilege escalation. (CVE-2017-5198) - Authenticated custom shell Jailbreak and command execution (CVE-2017-5199) Affected Software/OS: SolarWinds Log and Event Manager version 6.3.1 and prior. Solution: Upgrade to version 6.3.1 Hotfix 3 or later. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-5198 BugTraq ID: 97094 http://www.securityfocus.com/bid/97094 http://blog.0xlabs.com/2017/03/solarwinds-lem-ssh-jailbreak-and.html Common Vulnerability Exposure (CVE) ID: CVE-2017-5199 BugTraq ID: 97090 http://www.securityfocus.com/bid/97090
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.