Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2601

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-2601
Last Modified 21 Mar 2013 11:10:33
Published 15 Aug 2012 06:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2601

Summary

SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter.

Vulnerable Systems

Application

  • Ipswitch Whatsup Gold 15.02


References

XF - ipswitch-wrvmwarehostlist-sql-injection(77152)

MISC - http://www.whatsupgold.com/blog/2012/07/23/keeping-whatsup-gold-secure/

BID - 54626

EXPLOIT-DB - 20035

CERT-VN - VU#777007

SECTRACK - 1027325


Last Updated: 27 May 2016 10:51:41