Scrutinizer Default Password Security Bypass Vulnerability Network Vulnerability

Summary

The MySQL component in Plixer Scrutinize is prone to a security-bypass vulnerability. Successful attacks can allow an attacker to gain access to the affected application using the default authentication credentials scrutremote:admin. Scrutinizer 9.5.0 is vulnerable other versions may also be affected.

Solution

Vendor updates are available. Please see the references for more information.

References

http://www.plixer.com
http://www.securityfocus.com/bid/54731

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3951

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Avenger's News System Command Execution
Apache Tomcat /servlet Cross Site Scripting
Admbook PHP Code Injection Flaw
aflog Cookie-Based Authentication Bypass Vulnerability
Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability

Take action and discover your vulnerabilities