5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
6.4 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
79.9%
Dell SonicWall Scrutinizer 11.0.1 allows remote authenticated users to change user passwords via the user ID in the savePrefs parameter in a change password request to cgi-bin/admin.cgi.
packetstormsecurity.com/files/127429/Dell-Sonicwall-Scrutinizer-11.01-Code-Execution-SQL-Injection.html
seclists.org/fulldisclosure/2014/Jul/44
www.securityfocus.com/bid/68495
exchange.xforce.ibmcloud.com/vulnerabilities/94438
gist.github.com/brandonprry/36b4b8df1cde279a9305
gist.github.com/brandonprry/76741d9a0d4f518fe297