CVE-2012-2962

Опубликовано: 30 июл. 2012

Источник: nvd

CVSS2: 6.5

EPSS Критический

Описание

SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter.

Ссылки

http://secunia.com/advisories/50052
Third Party Advisory
http://www.exploit-db.com/exploits/20033
Exploit
Third Party Advisory
VDB Entry
http://www.kb.cert.org/vuls/id/404051
Third Party Advisory
US Government Resource
http://www.osvdb.org/84232
Broken Link
http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html
Third Party Advisory
http://www.securityfocus.com/bid/54625
Exploit
Third Party Advisory
VDB Entry
http://www.sonicwall.com/shared/download/Dell_SonicWALL_Scrutinizer_Service_Bulletin_for_SQL_injection_vulnerability_CVE.pdf
Broken Link
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/77148
Third Party Advisory
VDB Entry
http://secunia.com/advisories/50052
Third Party Advisory
http://www.exploit-db.com/exploits/20033
Exploit
Third Party Advisory
VDB Entry
http://www.kb.cert.org/vuls/id/404051
Third Party Advisory
US Government Resource
http://www.osvdb.org/84232
Broken Link
http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html
Third Party Advisory
http://www.securityfocus.com/bid/54625
Exploit
Third Party Advisory
VDB Entry
http://www.sonicwall.com/shared/download/Dell_SonicWALL_Scrutinizer_Service_Bulletin_for_SQL_injection_vulnerability_CVE.pdf
Broken Link
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/77148
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sonicwall:scrutinizer:*:*:*:*:*:*:*:*

Версия до 9.5.2 (исключая)

EPSS

Процентиль: 100%

0.90336

Критический

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-2mfw-qmh9-qc8p

github

больше 3 лет назад