While there exists an updated version of NCM, I do not believe that simply updating the program will resolve this security issue. However there does exist a setting that you can change that should prevent this vulnerability:
I tried this and it worked... so the workaround to resolve this is as follows:
1) Open web.config file. Should be located: C:\inetpub\SolarWinds\web.config
2) Search for the row: <httpErrors errorMode="Detailed" />
3) Change this entry to:
<httpErrors errorMode="Detailed" existingResponse="PassThrough" />
