Details of VAR-201207-0237

ID

VAR-201207-0237

CVE

CVE-2012-2962

TITLE

Dell SonicWALL Scrutinizer SQL injection vulnerability

Trust: 0.8

sources: CERT/CC: VU#404051

DESCRIPTION

SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter. Dell SonicWALL Scrutinizer 9.5.0 and older versions contain a SQL injection vulnerability. Dell SonicWALL Scrutinizer is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Dell SonicWALL Scrutinizer 9.0.1 is vulnerable; other versions may also be affected. Dell SonicWALL Scrutinizer is a set of multi-vendor application communication analysis visualization and reporting tools developed by Dell. The tool provides features such as deep packet analysis, vibration/latency monitoring, and historical and proactive reporting. ---------------------------------------------------------------------- We are millions! Join us to protect all Pc's Worldwide. Download the new Secunia PSI 3.0 available in 5 languages and share it with your friends: http://secunia.com/psi ---------------------------------------------------------------------- TITLE: Dell SonicWALL Scrutinizer "q" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA50052 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50052/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50052 RELEASE DATE: 2012-07-26 DISCUSS ADVISORY: http://secunia.com/advisories/50052/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/50052/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=50052 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: muts has reported a vulnerability in Dell SonicWALL Scrutinizer, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "q" parameter to d4d/statusFilter.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions 9.0.0, 9.0.1, and 9.5.0. SOLUTION: Update to version 9.5.2. PROVIDED AND/OR DISCOVERED BY: muts, Offensive Security. ORIGINAL ADVISORY: muts: http://www.exploit-db.com/exploits/20033/ US-CERT (VU#404051) http://www.kb.cert.org/vuls/id/404051 Dell: http://www.sonicwall.com/shared/download/Dell_SonicWALL_Scrutinizer_Service_Bulletin_for_SQL_injection_vulnerability_CVE.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.88

sources: NVD: CVE-2012-2962 // CERT/CC: VU#404051 // JVNDB: JVNDB-2012-003307 // BID: 54625 // VULHUB: VHN-56243 // VULMON: CVE-2012-2962 // PACKETSTORM: 115035

AFFECTED PRODUCTS

vendor:	sonicwall	model:	scrutinizer	scope:	lt	version:	9.5.2	Trust: 1.0
vendor:	dell computer	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	dell	model:	sonicwall scrutinizer	scope:	lte	version:	9.5.0	Trust: 0.8
vendor:	dell	model:	sonicwall scrutinizer with flow analytics module	scope:	lte	version:	9.5.0	Trust: 0.8
vendor:	sonicwall	model:	scrutinizer	scope:	eq	version:	9.0.0	Trust: 0.6
vendor:	sonicwall	model:	scrutinizer	scope:	eq	version:	9.5.0	Trust: 0.6
vendor:	sonicwall	model:	scrutinizer	scope:	eq	version:	9.0.1	Trust: 0.6
vendor:	sonicwall	model:	scrutinizer	scope:	eq	version:	8.6.2	Trust: 0.6

sources: CERT/CC: VU#404051 // JVNDB: JVNDB-2012-003307 // CNNVD: CNNVD-201207-563 // NVD: CVE-2012-2962

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2012-2962
value:	MEDIUM
Trust: 1.6
nvd@nist.gov:	CVE-2012-2962
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-201207-563
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-56243
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2012-2962
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2012-2962
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
NVD:	CVE-2012-2962
severity:	MEDIUM
baseScore:	6.5
vectorString:	NONE
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-56243
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#404051 // VULHUB: VHN-56243 // VULMON: CVE-2012-2962 // JVNDB: JVNDB-2012-003307 // CNNVD: CNNVD-201207-563 // NVD: CVE-2012-2962

PROBLEMTYPE DATA

problemtype:

CWE-89

Trust: 1.9

sources: VULHUB: VHN-56243 // JVNDB: JVNDB-2012-003307 // NVD: CVE-2012-2962

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201207-563

TYPE

sql injection

Trust: 0.7

sources: PACKETSTORM: 115035 // CNNVD: CNNVD-201207-563

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003307

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#404051 // VULHUB: VHN-56243 // VULMON: CVE-2012-2962

PATCH

title:	SonicWALL Scrutinizer	url:	http://www.dell.com/us/enterprise/p/sonicwall-scrutinizer/pd	Trust: 0.8
title:	Dell SonicWALL Scrutinizer Service Bulletin for SQL injection vulnerability	url:	http://www.sonicwall.com/shared/download/Dell_SonicWALL_Scrutinizer_Service_Bulletin_for_SQL_injection_vulnerability_CVE.pdf	Trust: 0.8

sources: JVNDB: JVNDB-2012-003307

EXTERNAL IDS

db:	CERT/CC	id:	VU#404051	Trust: 3.5
db:	NVD	id:	CVE-2012-2962	Trust: 2.9
db:	BID	id:	54625	Trust: 2.1
db:	SECUNIA	id:	50052	Trust: 2.1
db:	EXPLOIT-DB	id:	20033	Trust: 1.9
db:	OSVDB	id:	84232	Trust: 1.8
db:	JVNDB	id:	JVNDB-2012-003307	Trust: 0.8
db:	CNNVD	id:	CNNVD-201207-563	Trust: 0.7
db:	XF	id:	77148	Trust: 0.6
db:	EXPLOIT-DB	id:	20204	Trust: 0.2
db:	SEEBUG	id:	SSVID-74090	Trust: 0.1
db:	SEEBUG	id:	SSVID-73932	Trust: 0.1
db:	PACKETSTORM	id:	115235	Trust: 0.1
db:	PACKETSTORM	id:	114950	Trust: 0.1
db:	VULHUB	id:	VHN-56243	Trust: 0.1
db:	VULMON	id:	CVE-2012-2962	Trust: 0.1
db:	PACKETSTORM	id:	115035	Trust: 0.1

sources: CERT/CC: VU#404051 // VULHUB: VHN-56243 // VULMON: CVE-2012-2962 // BID: 54625 // JVNDB: JVNDB-2012-003307 // PACKETSTORM: 115035 // CNNVD: CNNVD-201207-563 // NVD: CVE-2012-2962

REFERENCES

url:	http://www.kb.cert.org/vuls/id/404051	Trust: 2.8
url:	http://www.sonicwall.com/shared/download/dell_sonicwall_scrutinizer_service_bulletin_for_sql_injection_vulnerability_cve.pdf	Trust: 2.7
url:	http://www.plixer.com/press-releases/plixer-releases-9-5-2.html	Trust: 2.0
url:	http://www.securityfocus.com/bid/54625	Trust: 1.8
url:	http://www.exploit-db.com/exploits/20033	Trust: 1.8
url:	http://www.osvdb.org/84232	Trust: 1.8
url:	http://secunia.com/advisories/50052	Trust: 1.8
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/77148	Trust: 1.2
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2962	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu404051	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2962	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/77148	Trust: 0.6
url:	http://http://www.plixer.com/press-releases/plixer-releases-9-5-2.html	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/89.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=26471	Trust: 0.1
url:	https://www.exploit-db.com/exploits/20204/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=50052	Trust: 0.1
url:	http://secunia.com/psi	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/50052/	Trust: 0.1
url:	http://www.exploit-db.com/exploits/20033/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/advisories/50052/#comments	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: CERT/CC: VU#404051 // VULHUB: VHN-56243 // VULMON: CVE-2012-2962 // JVNDB: JVNDB-2012-003307 // PACKETSTORM: 115035 // CNNVD: CNNVD-201207-563 // NVD: CVE-2012-2962

CREDITS

muts

Trust: 0.3

sources: BID: 54625

SOURCES

db:	CERT/CC	id:	VU#404051
db:	VULHUB	id:	VHN-56243
db:	VULMON	id:	CVE-2012-2962
db:	BID	id:	54625
db:	JVNDB	id:	JVNDB-2012-003307
db:	PACKETSTORM	id:	115035
db:	CNNVD	id:	CNNVD-201207-563
db:	NVD	id:	CVE-2012-2962

LAST UPDATE DATE

2025-04-11T22:49:34.535000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#404051	date:	2013-05-15T00:00:00
db:	VULHUB	id:	VHN-56243	date:	2018-03-12T00:00:00
db:	VULMON	id:	CVE-2012-2962	date:	2018-03-12T00:00:00
db:	BID	id:	54625	date:	2012-08-03T06:22:00
db:	JVNDB	id:	JVNDB-2012-003307	date:	2012-08-01T00:00:00
db:	CNNVD	id:	CNNVD-201207-563	date:	2012-07-30T00:00:00
db:	NVD	id:	CVE-2012-2962	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#404051	date:	2012-07-25T00:00:00
db:	VULHUB	id:	VHN-56243	date:	2012-07-30T00:00:00
db:	VULMON	id:	CVE-2012-2962	date:	2012-07-30T00:00:00
db:	BID	id:	54625	date:	2012-07-22T00:00:00
db:	JVNDB	id:	JVNDB-2012-003307	date:	2012-07-26T00:00:00
db:	PACKETSTORM	id:	115035	date:	2012-07-26T04:01:11
db:	CNNVD	id:	CNNVD-201207-563	date:	2012-07-30T00:00:00
db:	NVD	id:	CVE-2012-2962	date:	2012-07-30T22:55:03.020