Detections
Analytics
Scrutinizer < 9.5.2 Multiple Vulnerabilities
high Nessus Plugin ID 61648
Language:
Synopsis
The remote host is running a web application that is affected by multiple vulnerabilities.Description
The version of Scrutinizer running on the remote host is a version prior to 9.5.2, and is, therefore, potentially affected by the following vulnerabilities :- The 'd4d/exporters.php' and 'd4d/contextMenu.php' web console scripts are affected by multiple cross-site scripting vulnerabilities. (CVE-2012-3848)
- An arbitrary file creation and file overwrite vulnerability exists in the 'd4d/uploader.php' web console script. This allows attackers to create or overwrite arbitrary files in '%PROGRAMFILES%\Scrutinizer\snmp\mibs\' via an HTTP POST request. (CVE-2012-2627)
- The 'cgi-bin/admin.cgi' web console script allows remote, unauthenticated attackers to add administrative accounts. (CVE-2012-2626)
Note that Tenable has confirmed the cross-site scripting vulnerabilities in 9.5.0 even though that version was originally reported to have addressed those.
Solution
Upgrade to Scrutinizer 9.5.2 or later.See Also
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2012-014/?fid=3792&dl=1
Plugin Details
Severity: High
ID: 61648
File Name: scrutinizer_9_5_2.nasl
Version: 1.10
Type: remote
Family: CGI abuses
Published: 8/23/2012
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.5
CVSS v2
Risk Factor: High
Base Score: 9.4
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:C
Vulnerability Information
CPE: cpe:/a:dell:sonicwall_scrutinizer
Required KB Items: www/scrutinizer_netflow_sflow_analyzer
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Available: true
Exploit Ease: No exploit is required
Patch Publication Date: 5/16/2012
Vulnerability Publication Date: 7/27/2012