SolarWinds Virtualization Manager Privilege Escalation Vulnerability
NVDKnown Exploited Vulnerability
CVE-2016-3643, SolarWinds Virtualization Manager Privilege Escalation Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd.".
The following remediation steps are recommended / required by May 3, 2022: Apply updates per vendor instructions.