VYPR
Critical severity9.8NVD Advisory· Published Dec 20, 2017· Updated Jun 16, 2026

CVE-2012-2576

CVE-2012-2576

Description

SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:solarwinds:backup_profiler:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:solarwinds:backup_profiler:*:*:*:*:*:*:*:*range: <5.1.2
    • (no CPE)range: <5.1.2
  • cpe:2.3:a:solarwinds:storage_manager:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:solarwinds:storage_manager:*:*:*:*:*:*:*:*range: <5.1.2
    • (no CPE)range: <5.1.2
  • cpe:2.3:a:solarwinds:storage_profiler:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:solarwinds:storage_profiler:*:*:*:*:*:*:*:*range: <5.1.2
    • (no CPE)range: <5.1.2

Patches

Vulnerability mechanics

References

5

News mentions

1