Solarwinds Virtualization Manager vulnerabilities
3 known vulnerabilities affecting solarwinds/virtualization_manager.
Total CVEs
3
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2016-3643P1HIGHCVSS 7.8KEVPoC≤ 6.3.12016-06-17
CVE-2016-3643 [HIGH] CWE-264 CVE-2016-3643: SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveragi
SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd."
nvd
CVE-2016-3642P2CRITICALCVSS 9.8≤ 6.3.12016-06-17
CVE-2016-3642 [CRITICAL] CVE-2016-3642: The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to ex
The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
nvd
CVE-2016-5709P4MEDIUMCVSS 4.7≤ 6.3.12016-06-24
CVE-2016-5709 [MEDIUM] CWE-200 CVE-2016-5709: SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/
SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack.
nvd