Weak Password Encryption in SolarWinds Virtualization Manager
CVE-2016-5709
4.7MEDIUM
What is CVE-2016-5709?
SolarWinds Virtualization Manager prior to version 6.3.1 utilizes a weak encryption mechanism to store passwords in the /etc/shadow file. This serious oversight permits local users with superuser privileges to potentially retrieve these passwords through brute force attacks, compromising the security of the system and its users.