mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
83 lines
2.4 KiB
JSON
83 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2012-2576",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "18818",
|
|
"refsource" : "EXPLOIT-DB",
|
|
"url" : "http://www.exploit-db.com/exploits/18818"
|
|
},
|
|
{
|
|
"name" : "18833",
|
|
"refsource" : "EXPLOIT-DB",
|
|
"url" : "http://www.exploit-db.com/exploits/18833"
|
|
},
|
|
{
|
|
"name" : "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/vulnerability.htm",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/vulnerability.htm"
|
|
},
|
|
{
|
|
"name" : "51639",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/51639"
|
|
},
|
|
{
|
|
"name" : "solarwnds-loginservlet-sql-injection(72680)",
|
|
"refsource" : "XF",
|
|
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72680"
|
|
}
|
|
]
|
|
}
|
|
}
|