San Antonio, TX – October 27, 2015 – Digital Defense, Inc. (DDI), a leading provider of managed security risk assessments, disclosed a vulnerability within the SolarWinds Log and Event Manager (LEM), an industry recognized Security Information and Event Management platform. Prior to acquisition by SolarWinds, the platform was formerly known as TriGeo SIM.
About the Vulnerability
LEM is vulnerable to an XML external entity injection through the agent message-processing service. Due to this issue an attacker can trigger the vulnerability and force the disclosure of arbitrary files on the appliance. Further, this vulnerability can be abused to allow remote execution of arbitrary system commands, which will lead to complete compromise of the LEM appliance and furthermore lead to full control of any connected endpoint agents that may be deployed throughout the enterprise.
Digital Defense Research Methodology and Practices
DDI’s Vulnerability Research Team, utilizing the company’s hybrid cloud platform, Frontline™ Vulnerability Manager (FVM), is able to identify previously unknown vulnerabilities, commonly referred to as “Zero-Days”.
“One of the key advantages of FVM is our patented vulnerability auditing technology which can often catch vendor agnostic classes of flaws such as XXE and other application vectors that are missed by more traditional auditing methods” states Mike Cotton, Vice President of Research & Development for DDI.
SolarWinds has been made aware of the issue and is actively working to resolve. Questions may be directed to SolarWinds Support: 866.530.8040, Option 3
Additionally, DDI will post more information to the DDI Labs Blog as it becomes available.
About Digital Defense
Founded in 1999, Digital Defense, Inc., (DDI) is a premier provider of managed security risk assessment solutions protecting billions of dollars in assets for clients around the globe. In 2015, the organization has received numerous industry recognitions including a top 50 ranking (#46) in Cybersecurity Ventures’ listing of the World’s 500 Hottest Cybersecurity Companies, as well as inclusion in CSO Outlook’s Top 10 Network Security Companies and CIO Review’s 20 Most Promising Cyber Security Solutions. Vulnerability scanning, penetration testing, and security awareness training are DDI’s most popular offerings, each of which proactively improves the security of an organization’s confidential data. DDI utilizes a unique Vulnerability Management as a Service (VMaaS) delivery model to help organizations establish an effective culture of security and retain information security best practices, bringing lasting value to clients served. Contact DDI at 877-273-1412 or ddifrontline.com.
Digital Defense and the Shield Logo are Registered Service Marks of Digital Defense, Inc. All other trademarks are the property of their respective owners.