Vulnerabilities > Solarwinds > Storage Profiler > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-12-20 CVE-2012-2576 SQL Injection vulnerability in Solarwinds Backup Profiler, Storage Manager and Storage Profiler
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.
network
low complexity
solarwinds CWE-89
critical
9.8