CVE-2012-2576: SQL Injection
First published: Wed Dec 20 2017(Updated: )
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SolarWinds Backup Profiler | <5.1.2 | |
| SolarWinds Storage Manager | <5.1.2 | |
| SolarWinds Storage Profiler | <5.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/event
- agent/type
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/solarwinds
- canonical/solarwinds backup profiler
- canonical/solarwinds storage manager
- canonical/solarwinds storage profiler