What is CVE-2015-2284?

CVE-2015-2284 is a vulnerability in Solarwinds Firewall_security_manager, classified under CWE-264. Published 2015-03-24.

Is CVE-2015-2284 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Solarwinds Firewall_security_manager

CVE-2015-2284

userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code via unspecified vectors, related to client session handling.

EPSS: 0.799 (99.1th percentile) — read the EPSS interpretation.

Affected products

Solarwinds Firewall_security_manager
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cvemon
arunmodi/portfolio

References

cve@mitre.org (Patch, x_refsource_MISC)

Frequently asked questions

What is CVE-2015-2284?: CVE-2015-2284 is a vulnerability in Solarwinds Firewall_security_manager, classified under CWE-264. Published 2015-03-24.
Is CVE-2015-2284 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.