Vulnerability Name:

CVE-2012-2626 (CCN-77278)

Assigned:2012-07-27
Published:2012-07-27
Updated:2018-03-08
Summary:cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not require token authentication, which allows remote attackers to add administrative accounts via a userprefs action.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
4.1 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
4.1 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-287
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2012-2626

Source: CCN
Type: SA50074
Scrutinizer NetFlow and sFlow Analyzer Database User Accounts Default Password Weakness

Source: CCN
Type: OSVDB ID: 84318
Scrutinizer NetFlow and sFlow Analyzer HTTP Request Parsing Authentication Bypass

Source: CCN
Type: Plixer Web site
Scrutinizer NetFlow and sFlow Analyzer

Source: MISC
Type: Broken Link, Third Party Advisory
http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html

Source: CCN
Type: BID-54727
Scrutinizer HTTP Authentication Bypass Vulnerability

Source: XF
Type: UNKNOWN
netflow-sflow-sec-bypass(77278)

Source: CCN
Type: Rapid7 Vulnerability and Exploit Database [05-30-2018]
Plixer Scrutinizer NetFlow and sFlow Analyzer HTTP Authentication Bypass

Source: CCN
Type: TWSL2012-014
Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer

Source: MISC
Type: Exploit, Third Party Advisory
https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt

Vulnerable Configuration:Configuration 1:
  • cpe:/a:sonicwall:scrutinizer:*:*:*:*:*:*:*:* (Version < 9.5.0)

    • * Denotes that component is vulnerable
    BACK
    sonicwall scrutinizer *