CVE-2016-5709

Published: Jun 24, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://packetstormsecurity.com/files/137525/Solarwinds-Virtualization-Manager-6.3.1-Weak-Crypto.html

x_refsource_MISC

20160616 CVE-2016-5709 - Use of Weak Encryption Algorithm in Solarwinds Virtualization Manager

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-5709

Description

Affected Products

References