Critical severity9.8NVD Advisory· Published Dec 20, 2017· Updated Jun 16, 2026
CVE-2012-2576
CVE-2012-2576
Description
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:solarwinds:backup_profiler:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:solarwinds:backup_profiler:*:*:*:*:*:*:*:*range: <5.1.2
- (no CPE)range: <5.1.2
cpe:2.3:a:solarwinds:storage_manager:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:solarwinds:storage_manager:*:*:*:*:*:*:*:*range: <5.1.2
- (no CPE)range: <5.1.2
cpe:2.3:a:solarwinds:storage_profiler:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:solarwinds:storage_profiler:*:*:*:*:*:*:*:*range: <5.1.2
- (no CPE)range: <5.1.2
Patches
Vulnerability mechanics
References
5- www.exploit-db.com/exploits/18818nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/18833nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/51639nvdThird Party AdvisoryVDB Entry
- www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/vulnerability.htmnvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/72680nvdThird Party AdvisoryVDB Entry
News mentions
1- Weekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer EnumRapid7 Blog · Jun 5, 2026