Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3951

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-3951
Last Modified 31 Jul 2012 12:00:00
Published 31 Jul 2012 06:45:42
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-3951

Summary

The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.

Vulnerable Systems

Application

  • Dell Sonicwall Scrutinizer 9.0.1.19899


References

MISC - https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt

MISC - http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html


Last Updated: 27 May 2016 10:58:24