CVE-2017-7722

Name of the Vulnerable Software and Affected Versions SolarWinds Log & Event Manager (LEM) versions prior to 6.3.1 Hotfix 4

Description The issue is related to the restrictssh feature in the menuing script of SolarWinds Log & Event Manager (LEM). An attacker can exploit this to escape from the restricted shell by accessing the SSH service with the default username and password, cmc and password. This allows a remote attacker to bypass shell restrictions, elevate privileges, and execute commands with root privileges.

Recommendations For SolarWinds Log & Event Manager (LEM) versions prior to 6.3.1 Hotfix 4, update to version 6.3.1 Hotfix 4 or later to resolve the issue. As a temporary workaround, consider changing the default username and password for SSH access to prevent exploitation.