CVE-2014-4976

Currently unrated

Key Information:

Vendor: Sonicwall
Status: Scrutinizer
Vendor: CVE Published:; 16 July 2014

Summary

Dell SonicWall Scrutinizer 11.0.1 allows remote authenticated users to change user passwords via the user ID in the savePrefs parameter in a change password request to cgi-bin/admin.cgi.

References

http://seclists.org/fulldisclosure/2014/Jul/44

mailing-listx_refsource_FULLDISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/94438

vdb-entryx_refsource_XF

http://packetstormsecurity.com/files/127429/Dell-Sonicwal...

x_refsource_MISC

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 16, 2014
Vulnerability Reserved
Jul 16, 2014

Collectors

NVD DatabaseMitre Database