Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

NCM Upgrade Security Concern

Today I upgraded our NCM system to version 7.0.2 integrating it with the rest of Orion. While the upgrade went mostly smoothly I was met with very critical security concern when the upgrade was completed...

All of my user accounts in Orion had access to NCM with WebUploader privileges. We are a MSP and provide monitoring services through Orion and this was a big issue.

Going forward with future upgrades to NCM (or any other Orion product) I certainly hope to not see this kind of behavior. I would much prefer the products to default to a more secure "no access" configuration.

Find more posts tagged with

Accepted answers

All comments

byrona

I have not received any feedback on this and wanted to make sure that SolarWinds was aware of this potential security concern.

mdriskell

Thanks for posting...I upgraded last week and wasn't aware of this issue...I just confirmed that all of my non NCM users now have webuploader rights....time to do some cleanup.

gljb77

Yep we had the same and was slightly disconcerting. I certainly hope this is taken in to consideration going forwards!