CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-3951

The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.795

EPSS Ranking 99.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html
https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt
http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html
https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt

Products affected by CVE-2012-3951

Sonicwall » Scrutinizer » Version: 8.6.2

cpe:2.3:a:sonicwall:scrutinizer:8.6.2
Sonicwall » Scrutinizer » Version: 9.0.0

cpe:2.3:a:sonicwall:scrutinizer:9.0.0
Sonicwall » Scrutinizer » Version: 9.0.1

cpe:2.3:a:sonicwall:scrutinizer:9.0.1
Sonicwall » Scrutinizer » Version: 9.0.1.19899

cpe:2.3:a:sonicwall:scrutinizer:9.0.1.19899

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3951

Products

Pricing

Contact Us