Hi Curtis,
Thank you for taking the time to respond to my article. The purpose of the article is to help clients understand the directory layout behind LEM, as SolarWinds does not have any current documentation on this. Most people who are aware of the concept of an appliance think that it is an application alone, but this is not the case.
Although my attention should have been focused on your points, it ended up being focused on your delivery method. To be frank about it, the belittlement of a vulnerability in your appliance is concerning, particularly when you consider the cost of your licensing in your product as a security tool. That being said, a vulnerability in a security tool is hugely alarming, coupled with the fact that you are aware of it and have not, to my knowledge, done anything about it. The second issue which alarms me personally is the way you have outlined a method of "hacking" your appliance on a public forum. However, I do admire your attempt to explain how the images were obtained; alas, that is not how they were obtained, which highlights two vulnerabilities. There is also a third vulnerability, which is that the security patches in Debian 9.4 are missing since the build number you used. I have also checked LEM 6.5 RC1, which has the same build number.
I know you are a sales rep and I can see that because of your example of someone internally "hacking" the appliance and auditing; however, if a network is compromised externally and the individual accesses the LUN where the appliance is stored, retrieves it and applies your "hack", then those text file syslog data would enable the hacker to know the whole environment, as all inbound\outbound traffic is sent to LEM under logging level 1. What's even more concerning is that all usernames for the users and user data are also visible. If the client is recording logging level 7, all website activity is seen, and finally, if the client has TACACS which is AD integrated, all domain authentication information is visible. "Hackers" are generally not audited, so the cost is not really an issue to be fair; also, auditing is a country-by-country business, so the standards and ramifications vary, as well as the action by country.
I understand as a sales rep that it might be particularly difficult to understand the full ramifications, but what I have done is highlight some for you. If you would like some more information, I would be more than happy to help, as I work on a lot of enterprise environments and have plenty of experience on how they work, including on a security level.
Regards
James