An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role.
Credits
SolarWinds would like to thank Preston Deason, Chad Larsen and Zachary Riezenman for reporting on the issue in a responsible manner.
