CVE-2014-5504
First published: Thu Sep 04 2014(Updated: )
SolarWinds Log and Event Manager before 6.0 uses "static" credentials, which makes it easier for remote attackers to obtain access to the database and execute arbitrary code via unspecified vectors, related to HyperSQL.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SolarWinds Log and Event Manager | <=5.7.0 | |
| SolarWinds Log and Event Manager | =5.2.0 | |
| SolarWinds Log and Event Manager | =5.4.0 | |
| SolarWinds Log and Event Manager | =5.5.0 | |
| SolarWinds Log and Event Manager | =5.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/author
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/softwarecombine
- agent/type
- agent/weakness
- collector/nvd-index
- vendor/solarwinds
- canonical/solarwinds log and event manager
- version/solarwinds log and event manager/5.7.0
- version/solarwinds log and event manager/5.2.0
- version/solarwinds log and event manager/5.4.0
- version/solarwinds log and event manager/5.5.0
- version/solarwinds log and event manager/5.6.0