Lucene search
HistoryJul 31, 2012 - 10:45 a.m.
CVE-2012-2626
plixer scrutinizer
dell sonicwall scrutinizer
cve-2012-2626
web console
security vulnerability
authentication
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.821 High
EPSS
Percentile
98.4%
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not require token authentication, which allows remote attackers to add administrative accounts via a userprefs action.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sonicwall:scrutinizer | sonicwall scrutinizer | lt | 9.5.0 |
Related
checkpoint_advisories
checkpoint_advisories
prion
prion
Authentication flaw
2012-07-31 10:45:00
openvas
openvas
Scrutinizer Arbitrary File Upload Vulnerability
2012-08-02 00:00:00
nessus
nessus
Scrutinizer < 9.5.2 Multiple Vulnerabilities
2012-08-23 00:00:00
securityvulns
securityvulns
packetstorm
packetstorm
Scrutinizer NetFlow / sFlow Analyzer 9.0.1 XSS / Bypass / File Upload
2012-07-29 00:00:00
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.821 High
EPSS
Percentile
98.4%
Related for CVE-2012-2626