File Browsing Vulnerability in SolarWinds Log & Event Manager
CVE-2017-7646
6.5MEDIUM
What is CVE-2017-7646?
An issue in SolarWinds Log & Event Manager before version 6.3.1 Hotfix 4 allows an authenticated user to inadvertently browse the server's filesystem. This flaw enables the retrieval of arbitrary files, potentially exposing sensitive data that could be exploited by attackers. Organizations using affected versions should prioritize upgrading their installations to mitigate this security risk.