Lucene search
HistoryJul 31, 2012 - 10:45 a.m.
CVE-2012-3951
cve-2012-3951
mysql
plixer scrutinizer
dell sonicwall scrutinizer
default password
remote attackers
arbitrary sql commands
nvd
8.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.795 High
EPSS
Percentile
98.3%
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sonicwall:scrutinizer | sonicwall scrutinizer | le | 9.0.1.19899 |
Related
prion
prion
Sql injection
2012-07-31 10:45:00
packetstorm
packetstorm
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
2012-08-08 00:00:00
Scrutinizer NetFlow / sFlow Analyzer 9.0.1 XSS / Bypass / File Upload
2012-07-29 00:00:00
checkpoint_advisories
checkpoint_advisories
openvas
openvas
Plixer Scrutinizer Default Credentials (MySQL Protocol)
2012-08-08 00:00:00
securityvulns
securityvulns
8.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.795 High
EPSS
Percentile
98.3%
Related for CVE-2012-3951