Remote Shell Escape in SolarWinds Log & Event Manager
CVE-2017-7722
Key Information:
- Vendor
- Solarwinds
- Status
- Vendor
- CVE Published:
- 12 April 2017
Badges
Summary
A shell escape vulnerability exists in SolarWinds Log & Event Manager prior to version 6.3.1 Hotfix 4. This security issue arises when the SSH service is accessed using default credentials, specifically 'cmc' and 'password'. An attacker may exploit a flaw in the restrictssh feature, allowing them to escape from the intended restricted shell environment. This breach potentially enables unauthorized users to gain deeper access to the system, raising serious security concerns for affected installations.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V3.1
Timeline
Vulnerability Reserved
Vulnerability published
- 🟡
Public PoC available
- 👾
Exploit known to exist