Vulnerabilites related to SonicWall - SonicOS
CVE-2020-5136 (GCVE-0-2020-5136)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:29",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0011"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0011",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0011"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5136",
"datePublished": "2020-10-12T10:40:29",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20019 (GCVE-0-2021-20019)
Vulnerability from cvelistv5
Published
2021-06-23 21:45
Modified
2024-08-03 17:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:07.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS - 6.5.4.7-83n"
},
{
"status": "affected",
"version": "SonicOSv - 6.5.4.4-44v-21-955"
},
{
"status": "affected",
"version": "SonicOS - 6.5.1.12-3n"
},
{
"status": "affected",
"version": "SonicOS - 6.0.5.3-94o"
},
{
"status": "affected",
"version": "SonicOS - 7.0.0-R713 and earlier"
},
{
"status": "affected",
"version": "SonicOS - 7.0.1-R1036 and earlier"
},
{
"status": "affected",
"version": "SonicOS - 7.0.0.375 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-23T21:45:11",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS - 6.5.4.7-83n"
},
{
"version_value": "SonicOSv - 6.5.4.4-44v-21-955"
},
{
"version_value": "SonicOS - 6.5.1.12-3n"
},
{
"version_value": "SonicOS - 6.0.5.3-94o"
},
{
"version_value": "SonicOS - 7.0.0-R713 and earlier"
},
{
"version_value": "SonicOS - 7.0.1-R1036 and earlier"
},
{
"version_value": "SonicOS - 7.0.0.375 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20019",
"datePublished": "2021-06-23T21:45:11",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:07.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5138 (GCVE-0-2020-5138)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:30",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5138",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0013",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5138",
"datePublished": "2020-10-12T10:40:30",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22277 (GCVE-0-2022-22277)
Vulnerability from cvelistv5
Published
2022-04-27 16:25
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions. Version: SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions. Version: SonicOS Gen 6 6.5.4.9-93n and earlier versions. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 6 6.5.4.9-93n and earlier versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T16:25:16",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
},
{
"version_value": "SonicOS Gen 6 6.5.4.9-93n and earlier versions."
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22277",
"datePublished": "2022-04-27T16:25:16",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41712 (GCVE-0-2023-41712)
Vulnerability from cvelistv5
Published
2023-10-17 22:26
Modified
2024-09-13 15:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41712",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T15:36:06.568443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T15:36:27.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash."
}
],
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:26:09.949Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41712",
"datePublished": "2023-10-17T22:26:09.949Z",
"dateReserved": "2023-08-30T17:07:28.452Z",
"dateUpdated": "2024-09-13T15:36:27.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22397 (GCVE-0-2024-22397)
Vulnerability from cvelistv5
Published
2024-03-14 03:23
Modified
2025-03-27 17:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall 'admin' user to store and execute arbitrary JavaScript code.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22397",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T19:38:51.641190Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T17:01:13.903Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0005"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5145 and earlier versions"
},
{
"status": "affected",
"version": "7.1.1-7047 and earlier versions"
}
]
}
],
"datePublic": "2024-03-13T17:18:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall \u0027admin\u0027 user to store and execute arbitrary JavaScript code."
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall \u0027admin\u0027 user to store and execute arbitrary JavaScript code."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-14T03:23:52.971Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0005"
}
],
"source": {
"advisory": "SNWLID-2024-0005",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-22397",
"datePublished": "2024-03-14T03:23:52.971Z",
"dateReserved": "2024-01-10T09:52:23.463Z",
"dateUpdated": "2025-03-27T17:01:13.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5137 (GCVE-0-2020-5137)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:29",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0012",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5137",
"datePublished": "2020-10-12T10:40:29",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53704 (GCVE-0-2024-53704)
Vulnerability from cvelistv5
Published
2025-01-09 06:52
Modified
2025-10-21 22:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53704",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-19T04:55:11.755621Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-02-18",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-53704"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:32.874Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-53704"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-18T00:00:00+00:00",
"value": "CVE-2024-53704 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7 Hardware",
"Gen7 NSv",
"TZ80"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.1.1-7058 and older versions"
},
{
"status": "affected",
"version": "7.1.2-7019"
},
{
"status": "affected",
"version": "8.0.0-8035"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Daan Keuper, Thijs Alkemade and Khaled Nassar of Computest Security through Trend Micro (Zero Day Initiative)"
}
],
"datePublic": "2025-01-08T06:46:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.\u003c/span\u003e"
}
],
"value": "An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T06:52:16.771Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003"
}
],
"source": {
"advisory": "SNWLID-2025-0003",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-53704",
"datePublished": "2025-01-09T06:52:16.771Z",
"dateReserved": "2024-11-22T09:54:04.964Z",
"dateUpdated": "2025-10-21T22:55:32.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5134 (GCVE-0-2020-5134)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:28",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5134",
"datePublished": "2020-10-12T10:40:28",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22276 (GCVE-0-2022-22276)
Vulnerability from cvelistv5
Published
2022-04-27 16:25
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions. Version: SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T16:25:15",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22276",
"datePublished": "2022-04-27T16:25:15",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5132 (GCVE-0-2020-5132)
Vulnerability from cvelistv5
Published
2020-09-30 05:25
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0006"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SMA100",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SMA100 10.2.0.2-20sv"
}
]
},
{
"product": "SMA1000",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SMA1000 12.4.0-2223"
}
]
},
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.6-79n"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization\u2019s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-30T05:25:11",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SMA100",
"version": {
"version_data": [
{
"version_value": "SMA100 10.2.0.2-20sv"
}
]
}
},
{
"product_name": "SMA1000",
"version": {
"version_data": [
{
"version_value": "SMA1000 12.4.0-2223"
}
]
}
},
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.6-79n"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization\u2019s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0006",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5132",
"datePublished": "2020-09-30T05:25:11",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7475 (GCVE-0-2019-7475)
Vulnerability from cvelistv5
Published
2019-04-02 17:20
Modified
2024-08-04 20:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "5.9.1.10 and earlier"
},
{
"status": "affected",
"version": "6.2.7.3"
},
{
"status": "affected",
"version": "6.5.1.3"
},
{
"status": "affected",
"version": "6.5.2.2"
},
{
"status": "affected",
"version": "6.5.3.1"
},
{
"status": "affected",
"version": "6.2.7.8"
},
{
"status": "affected",
"version": "6.4.0.0"
},
{
"status": "affected",
"version": "6.5.1.8"
},
{
"status": "affected",
"version": "6.0.5.3-86o"
}
]
},
{
"product": "SonicOSv",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC368 (AWS)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T17:20:39",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2019-7475",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "5.9.1.10 and earlier"
},
{
"version_value": "6.2.7.3"
},
{
"version_value": "6.5.1.3"
},
{
"version_value": "6.5.2.2"
},
{
"version_value": "6.5.3.1"
},
{
"version_value": "6.2.7.8"
},
{
"version_value": "6.4.0.0"
},
{
"version_value": "6.5.1.8"
},
{
"version_value": "6.0.5.3-86o"
}
]
}
},
{
"product_name": "SonicOSv",
"version": {
"version_data": [
{
"version_value": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value": "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2019-7475",
"datePublished": "2019-04-02T17:20:39",
"dateReserved": "2019-02-06T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9867 (GCVE-0-2018-9867)
Vulnerability from cvelistv5
Published
2019-02-19 21:00
Modified
2024-08-05 07:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-285 - Improper Authorization
Summary
In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:24:56.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0017"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2019-08"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "5.9.1.10 and earlier"
},
{
"status": "affected",
"version": "6.2.7.3"
},
{
"status": "affected",
"version": "6.5.1.3"
},
{
"status": "affected",
"version": "6.5.2.2"
},
{
"status": "affected",
"version": "6.5.3.1"
},
{
"status": "affected",
"version": "6.2.7.8"
},
{
"status": "affected",
"version": "6.4.0.0"
},
{
"status": "affected",
"version": "6.5.1.8"
},
{
"status": "affected",
"version": "6.0.5.3-86o"
}
]
},
{
"product": "SonicOSv",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC368 (AWS)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
],
"datePublic": "2019-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T17:20:39",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0017"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2019-08"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2018-9867",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "5.9.1.10 and earlier"
},
{
"version_value": "6.2.7.3"
},
{
"version_value": "6.5.1.3"
},
{
"version_value": "6.5.2.2"
},
{
"version_value": "6.5.3.1"
},
{
"version_value": "6.2.7.8"
},
{
"version_value": "6.4.0.0"
},
{
"version_value": "6.5.1.8"
},
{
"version_value": "6.0.5.3-86o"
}
]
}
},
{
"product_name": "SonicOSv",
"version": {
"version_data": [
{
"version_value": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value": "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0017",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0017"
},
{
"name": "https://www.tenable.com/security/research/tra-2019-08",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2019-08"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2018-9867",
"datePublished": "2019-02-19T21:00:00",
"dateReserved": "2018-04-09T00:00:00",
"dateUpdated": "2024-08-05T07:24:56.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20031 (GCVE-0-2021-20031)
Vulnerability from cvelistv5
Published
2021-10-12 22:55
Modified
2024-08-03 17:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Summary
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: 7.0.1-R1262 and earlier Version: 7.0.1-R1283 and earlier Version: 7.0.1-R579 and earlier Version: 6.5.4.7 and earlier Version: 6.5.1.12 and earlier Version: 6.0.5.3-94o and earlier Version: 6.5.4.4-44V-21-987 and earlier Version: 5.9.1.13 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:07.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-R1262 and earlier"
},
{
"status": "affected",
"version": "7.0.1-R1283 and earlier"
},
{
"status": "affected",
"version": "7.0.1-R579 and earlier"
},
{
"status": "affected",
"version": "6.5.4.7 and earlier"
},
{
"status": "affected",
"version": "6.5.1.12 and earlier"
},
{
"status": "affected",
"version": "6.0.5.3-94o and earlier"
},
{
"status": "affected",
"version": "6.5.4.4-44V-21-987 and earlier"
},
{
"status": "affected",
"version": "5.9.1.13 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-13T16:06:13",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "7.0.1-R1262 and earlier"
},
{
"version_value": "7.0.1-R1283 and earlier"
},
{
"version_value": "7.0.1-R579 and earlier"
},
{
"version_value": "6.5.4.7 and earlier"
},
{
"version_value": "6.5.1.12 and earlier"
},
{
"version_value": "6.0.5.3-94o and earlier"
},
{
"version_value": "6.5.4.4-44V-21-987 and earlier"
},
{
"version_value": "5.9.1.13 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019"
},
{
"name": "http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20031",
"datePublished": "2021-10-12T22:55:09",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:07.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53706 (GCVE-0-2024-53706)
Vulnerability from cvelistv5
Published
2025-01-09 07:05
Modified
2025-01-09 15:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53706",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T14:59:32.676413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T15:31:37.317Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7 NSv Cloud platform"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.1.1-7058 and older versions"
},
{
"status": "affected",
"version": "7.1.2-7019"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Daan Keuper, Thijs Alkemade and Khaled Nassar of Computest Security through Trend Micro (Zero Day Initiative)"
}
],
"datePublic": "2025-01-08T06:51:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution.\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T07:05:11.185Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003"
}
],
"source": {
"advisory": "SNWLID-2025-0003",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-53706",
"datePublished": "2025-01-09T07:05:11.185Z",
"dateReserved": "2024-11-22T09:54:04.964Z",
"dateUpdated": "2025-01-09T15:31:37.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39277 (GCVE-0-2023-39277)
Vulnerability from cvelistv5
Published
2023-10-17 22:08
Modified
2024-09-13 16:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:02:52.041284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:03:01.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:08:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSonicOS post-authentication stack-based buffer overflow vulnerability \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ein the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.\u003c/span\u003e"
}
],
"value": "\nSonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:08:55.318Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39277",
"datePublished": "2023-10-17T22:08:55.318Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:03:01.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41715 (GCVE-0-2023-41715)
Vulnerability from cvelistv5
Published
2023-10-17 22:33
Modified
2025-05-02 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-41715",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-15T16:39:20.290510Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-02T18:19:50.910Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.\u003cbr\u003e"
}
],
"value": "SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:33:57.440Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41715",
"datePublished": "2023-10-17T22:33:57.440Z",
"dateReserved": "2023-08-30T17:07:28.452Z",
"dateUpdated": "2025-05-02T18:19:50.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5133 (GCVE-0-2020-5133)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.005Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:27",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5133",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5133",
"datePublished": "2020-10-12T10:40:27",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.005Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0656 (GCVE-0-2023-0656)
Vulnerability from cvelistv5
Published
2023-03-02 00:00
Modified
2025-03-07 17:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:17:50.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0656",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-07T17:27:55.650091Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T17:28:09.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS NSv 6.5.4.4-44v-21-1551 and earlier"
},
{
"status": "affected",
"version": "SonicOS NSsp 7.0.1-5083 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-5095 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T00:00:00.000Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-0656",
"datePublished": "2023-03-02T00:00:00.000Z",
"dateReserved": "2023-02-02T00:00:00.000Z",
"dateUpdated": "2025-03-07T17:28:09.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41713 (GCVE-0-2023-41713)
Vulnerability from cvelistv5
Published
2023-10-17 22:28
Modified
2024-09-13 19:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-259 - Use of Hard-coded Password
Summary
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"lessThan": "7.0.1-5119",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "7.0.1-5129",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.5.4.4-44v-21-2079",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.5.4.12-101n",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41713",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T19:29:35.513087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T19:32:58.092Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS Use of Hard-coded Password vulnerability in the \u0027dynHandleBuyToolbar\u0027 demo function."
}
],
"value": "SonicOS Use of Hard-coded Password vulnerability in the \u0027dynHandleBuyToolbar\u0027 demo function."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:28:50.229Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41713",
"datePublished": "2023-10-17T22:28:50.229Z",
"dateReserved": "2023-08-30T17:07:28.452Z",
"dateUpdated": "2024-09-13T19:32:58.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41711 (GCVE-0-2023-41711)
Vulnerability from cvelistv5
Published
2023-10-17 22:20
Modified
2024-09-13 15:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41711",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T15:38:20.952791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T15:38:30.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash."
}
],
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:20:36.619Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41711",
"datePublished": "2023-10-17T22:20:36.619Z",
"dateReserved": "2023-08-30T17:07:28.451Z",
"dateUpdated": "2024-09-13T15:38:30.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40765 (GCVE-0-2024-40765)
Vulnerability from cvelistv5
Published
2025-01-09 07:12
Modified
2025-01-09 14:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-190 - Integer Overflow or Wraparound
Summary
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-40765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T14:57:15.059169Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T14:58:28.792Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen6 NSv",
"Gen7 Hardware",
"Gen7 NSv"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.4.4-44v-21-2395 and older versions"
},
{
"status": "affected",
"version": "7.0.1-5151 and older versions"
},
{
"status": "affected",
"version": "7.1.1-7051 and older versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yue Liu \u0026 n3k from TIANGONG Team of Legendsec at QI-ANXIN Group"
}
],
"datePublic": "2025-01-08T07:06:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.\u003c/span\u003e"
}
],
"value": "An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T07:12:40.644Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0013"
}
],
"source": {
"advisory": "SNWLID-2024-0013",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-40765",
"datePublished": "2025-01-09T07:12:40.644Z",
"dateReserved": "2024-07-10T15:58:49.462Z",
"dateUpdated": "2025-01-09T14:58:28.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5143 (GCVE-0-2020-5143)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-203 - Observable Differences in Behavior to Error Inputs
Summary
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203: Observable Differences in Behavior to Error Inputs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:32",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0018"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-203: Observable Differences in Behavior to Error Inputs"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0018",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0018"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5143",
"datePublished": "2020-10-12T10:40:32",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7474 (GCVE-0-2019-7474)
Vulnerability from cvelistv5
Published
2019-04-02 17:20
Modified
2024-08-04 20:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-248 - Uncaught Exception
Summary
A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.349Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "5.9.1.10 and earlier"
},
{
"status": "affected",
"version": "6.2.7.3"
},
{
"status": "affected",
"version": "6.5.1.3"
},
{
"status": "affected",
"version": "6.5.2.2"
},
{
"status": "affected",
"version": "6.5.3.1"
},
{
"status": "affected",
"version": "6.2.7.8"
},
{
"status": "affected",
"version": "6.4.0.0"
},
{
"status": "affected",
"version": "6.5.1.8"
},
{
"status": "affected",
"version": "6.0.5.3-86o"
}
]
},
{
"product": "SonicOSv",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC368 (AWS)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248: Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T17:20:39",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2019-7474",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "5.9.1.10 and earlier"
},
{
"version_value": "6.2.7.3"
},
{
"version_value": "6.5.1.3"
},
{
"version_value": "6.5.2.2"
},
{
"version_value": "6.5.3.1"
},
{
"version_value": "6.2.7.8"
},
{
"version_value": "6.4.0.0"
},
{
"version_value": "6.5.1.8"
},
{
"version_value": "6.0.5.3-86o"
}
]
}
},
{
"product_name": "SonicOSv",
"version": {
"version_data": [
{
"version_value": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value": "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-248: Uncaught Exception"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2019-7474",
"datePublished": "2019-04-02T17:20:39",
"dateReserved": "2019-02-06T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39276 (GCVE-0-2023-39276)
Vulnerability from cvelistv5
Published
2023-10-17 22:04
Modified
2024-09-13 16:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:04:23.771929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:04:35.863Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nSonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.\n\n\u003cbr\u003e"
}
],
"value": "\nSonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.\n\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:04:34.956Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39276",
"datePublished": "2023-10-17T22:04:34.956Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:04:35.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7479 (GCVE-0-2019-7479)
Vulnerability from cvelistv5
Published
2019-12-31 01:30
Modified
2024-08-04 20:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-285 - Improper Authorization
Summary
A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:26.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "5.9.1.12-4o"
},
{
"status": "affected",
"version": "6.2.7.4-32n"
},
{
"status": "affected",
"version": "6.5.1.4-4n"
},
{
"status": "affected",
"version": "6.5.2.3-4n"
},
{
"status": "affected",
"version": "6.5.3.3-3n"
},
{
"status": "affected",
"version": "6.2.7.10-3n"
},
{
"status": "affected",
"version": "6.4.1.0-3n"
},
{
"status": "affected",
"version": "6.5.1.9-4n"
}
]
},
{
"product": "SonicOSv",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC368 (AWS)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-31T01:30:14",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2019-7479",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "5.9.1.12-4o"
},
{
"version_value": "6.2.7.4-32n"
},
{
"version_value": "6.5.1.4-4n"
},
{
"version_value": "6.5.2.3-4n"
},
{
"version_value": "6.5.3.3-3n"
},
{
"version_value": "6.2.7.10-3n"
},
{
"version_value": "6.4.1.0-3n"
},
{
"version_value": "6.5.3.3-3n"
},
{
"version_value": "6.5.1.9-4n"
}
]
}
},
{
"product_name": "SonicOSv",
"version": {
"version_data": [
{
"version_value": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value": "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285: Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0012",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2019-7479",
"datePublished": "2019-12-31T01:30:14",
"dateReserved": "2019-02-06T00:00:00",
"dateUpdated": "2024-08-04T20:54:26.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5135 (GCVE-0-2020-5135)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2025-10-21 23:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-5135",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T19:55:08.576470Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-15",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5135"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:35.728Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5135"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-15T00:00:00+00:00",
"value": "CVE-2020-5135 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:28.000Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5135",
"datePublished": "2020-10-12T10:40:28.000Z",
"dateReserved": "2019-12-31T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:35.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40766 (GCVE-0-2024-40766)
Vulnerability from cvelistv5
Published
2024-08-23 06:19
Modified
2025-10-21 22:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"lessThanOrEqual": "5.9.2.14-12o",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.5.4.14-109n",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.1-5035",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"lessThanOrEqual": "5.9.2.14-12o",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.5.4.14-109n",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.1-5035",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"lessThanOrEqual": "5.9.2.14-12o",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.5.4.14-109n",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.1-5035",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-40766",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T14:11:51.602153Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-09-09",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-40766"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:46.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-40766"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-09T00:00:00+00:00",
"value": "CVE-2024-40766 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen5",
"Gen6",
"Gen7"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "5.9.2.14-12o and older versions"
},
{
"status": "affected",
"version": "6.5.4.14-109n and older versions"
},
{
"status": "affected",
"version": "7.0.1-5035 and older versions"
}
]
}
],
"datePublic": "2024-08-23T06:13:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions."
}
],
"value": "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-23T06:19:07.229Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015"
}
],
"source": {
"advisory": "SNWLID-2024-0015",
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-40766",
"datePublished": "2024-08-23T06:19:07.229Z",
"dateReserved": "2024-07-10T15:58:49.462Z",
"dateUpdated": "2025-10-21T22:55:46.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40764 (GCVE-0-2024-40764)
Vulnerability from cvelistv5
Published
2024-07-18 07:42
Modified
2024-08-02 04:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS).
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"lessThanOrEqual": "6.5.4.4-44v-21-2395",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.1-5151",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.1.1-7051",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-40764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-18T13:27:59.874514Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T13:37:13.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:39:54.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen6",
"Gen7"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.4.4-44v-21-2395 and older versions"
},
{
"status": "affected",
"version": "7.0.1-5151 and older versions"
},
{
"status": "affected",
"version": "7.1.1-7051 and older versions"
}
]
}
],
"datePublic": "2024-07-18T07:38:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS)."
}
],
"value": "Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T07:42:37.995Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0012"
}
],
"source": {
"advisory": "SNWLID-2024-0012",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-40764",
"datePublished": "2024-07-18T07:42:37.995Z",
"dateReserved": "2024-07-10T15:58:49.461Z",
"dateUpdated": "2024-08-02T04:39:54.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29012 (GCVE-0-2024-29012)
Vulnerability from cvelistv5
Published
2024-06-20 08:11
Modified
2025-03-25 16:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-29012",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T13:21:49.382881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T16:30:24.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:03:51.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0008"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.1.1-7051 and earlier versions"
}
]
}
],
"datePublic": "2024-06-20T08:01:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function."
}
],
"value": "Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T08:11:10.318Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0008"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-29012",
"datePublished": "2024-06-20T08:11:10.318Z",
"dateReserved": "2024-03-14T03:29:41.180Z",
"dateUpdated": "2025-03-25T16:30:24.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5142 (GCVE-0-2020-5142)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation
Summary
A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0017"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:31",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0017"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0017",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0017"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5142",
"datePublished": "2020-10-12T10:40:31",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7487 (GCVE-0-2019-7487)
Vulnerability from cvelistv5
Published
2019-12-19 00:35
Modified
2024-08-04 20:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-428 - Unquoted Search Path or Element
Summary
Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:28.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.3.3 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428: Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-19T00:35:45",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2019-7487",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "6.5.3.3 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path in quotes, so if a malicious binary by an attacker within the parent path could allow code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-428: Unquoted Search Path or Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0022",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2019-7487",
"datePublished": "2019-12-19T00:35:45",
"dateReserved": "2019-02-06T00:00:00",
"dateUpdated": "2024-08-04T20:54:28.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1101 (GCVE-0-2023-1101)
Vulnerability from cvelistv5
Published
2023-03-02 00:00
Modified
2025-03-07 19:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Summary
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:32:46.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-1101",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-07T19:18:06.954225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T19:19:56.993Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.11-97n and earlier"
},
{
"status": "affected",
"version": "SonicOS NSv 6.5.4.4-44v-21-1551 and earlier"
},
{
"status": "affected",
"version": "SonicOS NSsp 7.0.1-5083 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-5095 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T00:00:00.000Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-1101",
"datePublished": "2023-03-02T00:00:00.000Z",
"dateReserved": "2023-02-28T00:00:00.000Z",
"dateUpdated": "2025-03-07T19:19:56.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7477 (GCVE-0-2019-7477)
Vulnerability from cvelistv5
Published
2019-04-02 17:20
Modified
2024-08-04 20:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Summary
A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:54:27.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "5.9.1.10 and earlier"
},
{
"status": "affected",
"version": "6.2.7.3"
},
{
"status": "affected",
"version": "6.5.1.3"
},
{
"status": "affected",
"version": "6.5.2.2"
},
{
"status": "affected",
"version": "6.5.3.1"
},
{
"status": "affected",
"version": "6.2.7.8"
},
{
"status": "affected",
"version": "6.4.0.0"
},
{
"status": "affected",
"version": "6.5.1.8"
},
{
"status": "affected",
"version": "6.0.5.3-86o"
}
]
},
{
"product": "SonicOSv",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC368 (AWS)"
},
{
"status": "affected",
"version": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T17:20:39",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2019-7477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "5.9.1.10 and earlier"
},
{
"version_value": "6.2.7.3"
},
{
"version_value": "6.5.1.3"
},
{
"version_value": "6.5.2.2"
},
{
"version_value": "6.5.3.1"
},
{
"version_value": "6.2.7.8"
},
{
"version_value": "6.4.0.0"
},
{
"version_value": "6.5.1.8"
},
{
"version_value": "6.0.5.3-86o"
}
]
}
},
{
"product_name": "SonicOSv",
"version": {
"version_data": [
{
"version_value": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value": "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2019-7477",
"datePublished": "2019-04-02T17:20:39",
"dateReserved": "2019-02-06T00:00:00",
"dateUpdated": "2024-08-04T20:54:27.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53705 (GCVE-0-2024-53705)
Vulnerability from cvelistv5
Published
2025-01-09 06:58
Modified
2025-01-09 15:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Summary
A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP address on any port when the user is logged in to the firewall.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53705",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T15:03:01.313230Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T15:03:52.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7 Hardware",
"Gen7 NSv",
"TZ80",
"Gen6 Hardware"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.4.15-117n and older versions"
},
{
"status": "affected",
"version": "7.0.1-5161 and older versions"
},
{
"status": "affected",
"version": "7.1.1-7058 and older versions"
},
{
"status": "affected",
"version": "7.1.2-7019"
},
{
"status": "affected",
"version": "8.0.0-8035"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Daan Keuper, Thijs Alkemade and Khaled Nassar of Computest Security through Trend Micro (Zero Day Initiative)"
}
],
"datePublic": "2025-01-08T06:49:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP address on any port when the user is logged in to the firewall.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP address on any port when the user is logged in to the firewall."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T06:58:40.573Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003"
}
],
"source": {
"advisory": "SNWLID-2025-0003",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-53705",
"datePublished": "2025-01-09T06:58:40.573Z",
"dateReserved": "2024-11-22T09:54:04.964Z",
"dateUpdated": "2025-01-09T15:03:52.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22394 (GCVE-0-2024-22394)
Vulnerability from cvelistv5
Published
2024-02-08 01:14
Modified
2024-08-22 18:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.
This issue affects only firmware version SonicOS 7.1.1-7040.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"status": "affected",
"version": "sonicos 7.1.1-7040"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22394",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-08T17:20:54.081829Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T18:49:34.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 7.1.1-7040"
}
]
}
],
"datePublic": "2024-02-08T00:06:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue affects only firmware version SonicOS 7.1.1-7040.\u003c/span\u003e\n\n"
}
],
"value": "An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.\u00a0\n\nThis issue affects only firmware version SonicOS 7.1.1-7040.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-08T01:14:33.634Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-22394",
"datePublished": "2024-02-08T01:14:33.634Z",
"dateReserved": "2024-01-10T09:52:23.462Z",
"dateUpdated": "2024-08-22T18:49:34.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29013 (GCVE-0-2024-29013)
Vulnerability from cvelistv5
Published
2024-06-20 08:14
Modified
2025-03-25 16:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-29013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T13:20:32.639743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-25T16:29:38.467Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:03:51.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.1.1-7051 and earlier versions"
}
]
}
],
"datePublic": "2024-06-20T08:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function."
}
],
"value": "Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T08:14:23.845Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-29013",
"datePublished": "2024-06-20T08:14:23.845Z",
"dateReserved": "2024-03-14T03:29:41.180Z",
"dateUpdated": "2025-03-25T16:29:38.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12803 (GCVE-0-2024-12803)
Vulnerability from cvelistv5
Published
2025-01-09 07:21
Modified
2025-01-17 02:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-12803",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T14:55:27.671235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T02:16:09.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen6 Hardware",
"Gen7 Hardware",
"Gen7 NSv",
"TZ80"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.4.15-117n and older versions"
},
{
"status": "affected",
"version": "7.0.1-5161 and older version"
},
{
"status": "affected",
"version": "7.1.2-7019"
},
{
"status": "affected",
"version": "8.0.0-8035"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Catalpa of DBappSecurity Co. Ltd."
}
],
"datePublic": "2025-01-08T07:14:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution.\u003c/span\u003e"
}
],
"value": "A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T07:21:53.799Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004"
}
],
"source": {
"advisory": "SNWLID-2025-0004",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-12803",
"datePublished": "2025-01-09T07:21:53.799Z",
"dateReserved": "2024-12-19T16:22:45.706Z",
"dateUpdated": "2025-01-17T02:16:09.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22278 (GCVE-0-2022-22278)
Vulnerability from cvelistv5
Published
2022-04-27 16:25
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions. Version: SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T16:25:18",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770: Allocation of Resources Without Limits or Throttling"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22278",
"datePublished": "2022-04-27T16:25:18",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32818 (GCVE-0-2025-32818)
Vulnerability from cvelistv5
Published
2025-04-23 19:24
Modified
2025-04-23 19:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-476 - NULL Pointer Dereference
Summary
A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service (DoS) condition.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-32818",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T19:55:23.734741Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:56:30.725Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"GEN7",
"GEN8"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"lessThanOrEqual": "7.1.3-7015",
"status": "affected",
"version": "7.1.1-7040",
"versionType": "custom"
},
{
"status": "affected",
"version": "8.0.0-8037 and earlier versions"
}
]
}
],
"datePublic": "2025-04-23T19:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service (DoS) condition.\u003c/span\u003e"
}
],
"value": "A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service (DoS) condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T19:24:53.043Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0009"
}
],
"source": {
"advisory": "SNWLID-2025-0009",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-32818",
"datePublished": "2025-04-23T19:24:53.043Z",
"dateReserved": "2025-04-11T08:50:31.683Z",
"dateUpdated": "2025-04-23T19:56:30.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22274 (GCVE-0-2022-22274)
Vulnerability from cvelistv5
Published
2022-03-25 23:05
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 7.0.1-5050 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-R579 and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-1452 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-25T23:05:09",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 7.0.1-5050 and earlier"
},
{
"version_value": "SonicOS 7.0.1-R579 and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-1452 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22274",
"datePublished": "2022-03-25T23:05:09",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22396 (GCVE-0-2024-22396)
Vulnerability from cvelistv5
Published
2024-03-14 03:15
Modified
2024-08-01 22:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-190 - Integer Overflow or Wraparound
Summary
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"lessThanOrEqual": "7.0.1-5145",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.1.1-7047",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.5.4.13-105n",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.5.4.4-44v-21-2340",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22396",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T16:30:28.118688Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T19:20:49.979Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen6",
"Gen7"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5145 and earlier versions"
},
{
"status": "affected",
"version": "7.1.1-7047 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.13-105n and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2340 and earlier versions"
}
]
}
],
"datePublic": "2024-03-13T17:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload."
}
],
"value": "An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-14T03:15:55.008Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0004"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-22396",
"datePublished": "2024-03-14T03:15:55.008Z",
"dateReserved": "2024-01-10T09:52:23.462Z",
"dateUpdated": "2024-08-01T22:43:34.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-40762 (GCVE-0-2024-40762)
Vulnerability from cvelistv5
Published
2025-01-09 06:43
Modified
2025-01-09 15:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Summary
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-40762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T15:07:45.484453Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T15:08:11.330Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7 Hardware",
"Gen7 NSv",
"TZ80"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.1.1-7058 and older versions"
},
{
"status": "affected",
"version": "7.1.2-7019"
},
{
"status": "affected",
"version": "8.0.0-8035"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Daan Keuper, Thijs Alkemade and Khaled Nassar of Computest Security through Trend Micro (Zero Day Initiative)"
}
],
"datePublic": "2025-01-08T06:41:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUse of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass.\u003c/span\u003e"
}
],
"value": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in the SonicOS SSLVPN authentication token generator that, in certain cases, can be predicted by an attacker potentially resulting in authentication bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T06:43:25.000Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003"
}
],
"source": {
"advisory": "SNWLID-2025-0003",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-40762",
"datePublished": "2025-01-09T06:43:25.000Z",
"dateReserved": "2024-07-10T15:58:49.461Z",
"dateUpdated": "2025-01-09T15:08:11.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5140 (GCVE-0-2020-5140)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0015"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:30",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0015"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0015",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0015"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5140",
"datePublished": "2020-10-12T10:40:30",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39280 (GCVE-0-2023-39280)
Vulnerability from cvelistv5
Published
2023-10-17 22:17
Modified
2024-09-13 15:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
SonicOS p
ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T15:59:13.568147Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T15:59:29.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS p\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.\u003c/span\u003e\n\n"
}
],
"value": "SonicOS p\n\nost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:17:36.308Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39280",
"datePublished": "2023-10-17T22:17:36.308Z",
"dateReserved": "2023-07-27T00:07:04.125Z",
"dateUpdated": "2024-09-13T15:59:29.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5141 (GCVE-0-2020-5141)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-799 - Improper Control of Interaction Frequency
Summary
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-799",
"description": "CWE-799: Improper Control of Interaction Frequency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:31",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-799: Improper Control of Interaction Frequency"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0016",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5141",
"datePublished": "2020-10-12T10:40:31",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5139 (GCVE-0-2020-5139)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-763 - Release of Invalid Pointer or Reference
Summary
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0014"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-763",
"description": "CWE-763: Release of Invalid Pointer or Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:30",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0014"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-763: Release of Invalid Pointer or Reference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0014",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0014"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5139",
"datePublished": "2020-10-12T10:40:30",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20048 (GCVE-0-2021-20048)
Vulnerability from cvelistv5
Published
2022-01-07 03:00
Modified
2024-08-03 17:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: 7.0.1-R146 and earlier Version: 7.0.1-5023-1349 and earlier Version: 7.0.1-5018-R1715 and earlier Version: 6.5.4.8-89n and earlier Version: 6.5.1.13-1n and earlier Version: 6.0.5.3-94o and earlier Version: 6.5.4.v_21s-1288 and earlier Version: 5.9.1.13 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:06.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-R146 and earlier"
},
{
"status": "affected",
"version": "7.0.1-5023-1349 and earlier"
},
{
"status": "affected",
"version": "7.0.1-5018-R1715 and earlier"
},
{
"status": "affected",
"version": "6.5.4.8-89n and earlier"
},
{
"status": "affected",
"version": "6.5.1.13-1n and earlier"
},
{
"status": "affected",
"version": "6.0.5.3-94o and earlier"
},
{
"status": "affected",
"version": "6.5.4.v_21s-1288 and earlier"
},
{
"status": "affected",
"version": "5.9.1.13 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T03:00:12",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "7.0.1-R146 and earlier"
},
{
"version_value": "7.0.1-5023-1349 and earlier"
},
{
"version_value": "7.0.1-5018-R1715 and earlier"
},
{
"version_value": "6.5.4.8-89n and earlier"
},
{
"version_value": "6.5.1.13-1n and earlier"
},
{
"version_value": "6.0.5.3-94o and earlier"
},
{
"version_value": "6.5.4.v_21s-1288 and earlier"
},
{
"version_value": "5.9.1.13 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20048",
"datePublished": "2022-01-07T03:00:12",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:06.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20046 (GCVE-0-2021-20046)
Vulnerability from cvelistv5
Published
2022-01-07 03:00
Modified
2024-08-03 17:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: 7.0.1-R146 and earlier Version: 7.0.1-5023-1349 and earlier Version: 7.0.1-5018-R1715 and earlier Version: 6.5.4.8-89n and earlier Version: 6.5.1.13-1n and earlier Version: 6.0.5.3-94o and earlier Version: 6.5.4.v_21s-1288 and earlier Version: 5.9.1.13 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:07.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-R146 and earlier"
},
{
"status": "affected",
"version": "7.0.1-5023-1349 and earlier"
},
{
"status": "affected",
"version": "7.0.1-5018-R1715 and earlier"
},
{
"status": "affected",
"version": "6.5.4.8-89n and earlier"
},
{
"status": "affected",
"version": "6.5.1.13-1n and earlier"
},
{
"status": "affected",
"version": "6.0.5.3-94o and earlier"
},
{
"status": "affected",
"version": "6.5.4.v_21s-1288 and earlier"
},
{
"status": "affected",
"version": "5.9.1.13 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T03:00:11",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "7.0.1-R146 and earlier"
},
{
"version_value": "7.0.1-5023-1349 and earlier"
},
{
"version_value": "7.0.1-5018-R1715 and earlier"
},
{
"version_value": "6.5.4.8-89n and earlier"
},
{
"version_value": "6.5.1.13-1n and earlier"
},
{
"version_value": "6.0.5.3-94o and earlier"
},
{
"version_value": "6.5.4.v_21s-1288 and earlier"
},
{
"version_value": "5.9.1.13 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20046",
"datePublished": "2022-01-07T03:00:11",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:07.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39278 (GCVE-0-2023-39278)
Vulnerability from cvelistv5
Published
2023-10-17 22:12
Modified
2024-09-13 16:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:01:40.078298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:01:51.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cb\u003e\u003c/b\u003e\u003c/span\u003e"
}
],
"value": "SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:12:29.594Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39278",
"datePublished": "2023-10-17T22:12:29.594Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:01:51.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40600 (GCVE-0-2025-40600)
Vulnerability from cvelistv5
Published
2025-07-29 21:11
Modified
2025-07-30 15:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-134 - Use of Externally-Controlled Format String
Summary
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40600",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:32:27.290793Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T15:07:47.649Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7",
"Linux"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.2.0-7015 and older versions"
}
]
}
],
"datePublic": "2025-07-29T09:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUse of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption.\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "CWE-134 Use of Externally-Controlled Format String",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-29T21:11:59.174Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0013"
}
],
"source": {
"advisory": "SNWLID-2025-0013",
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2025-40600",
"datePublished": "2025-07-29T21:11:59.174Z",
"dateReserved": "2025-04-16T08:34:51.361Z",
"dateUpdated": "2025-07-30T15:07:47.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12802 (GCVE-0-2024-12802)
Vulnerability from cvelistv5
Published
2025-01-09 09:08
Modified
2025-01-09 14:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-305 - Authentication Bypass by Primary Weakness
Summary
SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and potentially enabling attackers to bypass MFA by exploiting the alternative account name.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-12802",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T14:29:43.478423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T14:30:34.676Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen6 NSv",
"Gen6 Hardware",
"Gen7 Hardware",
"Gen7 NSv",
"TZ80"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.4.4-44v-21-2457 and older versions"
},
{
"status": "affected",
"version": "6.5.4.15-117n and older versions"
},
{
"status": "affected",
"version": "7.0.1-5161 and older versions"
},
{
"status": "affected",
"version": "7.1.1-7058 and older versions"
},
{
"status": "affected",
"version": "7.1.2-7019"
},
{
"status": "affected",
"version": "8.0.0-8035"
}
]
}
],
"datePublic": "2025-01-08T07:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and potentially enabling attackers to bypass MFA by exploiting the alternative account name.\u003c/span\u003e"
}
],
"value": "SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and potentially enabling attackers to bypass MFA by exploiting the alternative account name."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305 Authentication Bypass by Primary Weakness",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T09:08:26.012Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0001"
}
],
"source": {
"advisory": "SNWLID-2025-0001",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-12802",
"datePublished": "2025-01-09T09:08:26.012Z",
"dateReserved": "2024-12-19T16:22:43.405Z",
"dateUpdated": "2025-01-09T14:30:34.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22275 (GCVE-0-2022-22275)
Vulnerability from cvelistv5
Published
2022-04-27 16:25
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions. Version: SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T16:25:13",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22275",
"datePublished": "2022-04-27T16:25:13",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12806 (GCVE-0-2024-12806)
Vulnerability from cvelistv5
Published
2025-01-09 07:28
Modified
2025-01-17 02:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-37 - Path Traversal: '/absolute/pathname/here'
Summary
A post-authentication absolute path traversal vulnerability in SonicOS management allows a remote attacker to read an arbitrary file.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-12806",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T20:17:04.720308Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T02:17:43.603Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen6 Hardware",
"Gen7 Hardware",
"Gen7 NSv",
"TZ80"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.4.15-117n and older versions"
},
{
"status": "affected",
"version": "7.0.1-5161 and older version"
},
{
"status": "affected",
"version": "7.1.2-7019"
},
{
"status": "affected",
"version": "8.0.0-8035"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Catalpa of DBappSecurity Co. Ltd."
}
],
"datePublic": "2025-01-08T07:18:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA post-authentication absolute path traversal vulnerability in SonicOS management allows a remote attacker to read an arbitrary file.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A post-authentication absolute path traversal vulnerability in SonicOS management allows a remote attacker to read an arbitrary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-37",
"description": "CWE-37 Path Traversal: \u0027/absolute/pathname/here\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T07:28:13.844Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004"
}
],
"source": {
"advisory": "SNWLID-2025-0004",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-12806",
"datePublished": "2025-01-09T07:28:13.844Z",
"dateReserved": "2024-12-19T16:36:12.999Z",
"dateUpdated": "2025-01-17T02:17:43.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12805 (GCVE-0-2024-12805)
Vulnerability from cvelistv5
Published
2025-01-09 07:24
Modified
2025-01-17 02:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-134 - Use of Externally-Controlled Format String
Summary
A post-authentication format string vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-12805",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T14:54:16.425901Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T02:15:26.594Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen6 Hardware",
"Gen7 Hardware",
"Gen7 NSv",
"TZ80"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.4.15-117n and older versions"
},
{
"status": "affected",
"version": "7.0.1-5161 and older version"
},
{
"status": "affected",
"version": "7.1.2-7019"
},
{
"status": "affected",
"version": "8.0.0-8035"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Catalpa of DBappSecurity Co. Ltd."
}
],
"datePublic": "2025-01-08T07:14:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA post-authentication format string vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution.\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "A post-authentication format string vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "CWE-134 Use of Externally-Controlled Format String",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T07:24:12.357Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0004"
}
],
"source": {
"advisory": "SNWLID-2025-0004",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-12805",
"datePublished": "2025-01-09T07:24:12.357Z",
"dateReserved": "2024-12-19T16:36:08.986Z",
"dateUpdated": "2025-01-17T02:15:26.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-39279 (GCVE-0-2023-39279)
Vulnerability from cvelistv5
Published
2023-10-17 22:15
Modified
2024-09-13 16:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:00:24.050497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:00:49.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash."
}
],
"value": "SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:15:00.711Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39279",
"datePublished": "2023-10-17T22:15:00.711Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:00:49.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20027 (GCVE-0-2021-20027)
Vulnerability from cvelistv5
Published
2021-06-14 22:30
Modified
2024-08-03 17:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 5.9.1.13 and earlier Version: SonicOSv 6.5.4.4 and earlier Version: SonicOS 6.0.5.3 and earlier Version: SonicOS 6.5.1.12 and earlier Version: SonicOS 6.5.4.7 and earlier Version: SonicOS 7.0.1-R1219 and earlier Version: SonicOS 7.0.1-R514 and earlier Version: SonicOS 7.0.1-R1262 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:07.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 5.9.1.13 and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4 and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3 and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.12 and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.4.7 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-R1219 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-R514 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-R1262 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T22:30:11",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 5.9.1.13 and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4 and earlier"
},
{
"version_value": "SonicOS 6.0.5.3 and earlier"
},
{
"version_value": "SonicOS 6.5.1.12 and earlier"
},
{
"version_value": "SonicOS 6.5.4.7 and earlier"
},
{
"version_value": "SonicOS 7.0.1-R1219 and earlier"
},
{
"version_value": "SonicOS 7.0.1-R514 and earlier"
},
{
"version_value": "SonicOS 7.0.1-R1262 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20027",
"datePublished": "2021-06-14T22:30:11",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:07.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5130 (GCVE-0-2020-5130)
Vulnerability from cvelistv5
Published
2020-07-17 17:15
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0003"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.4.4-44n and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-17T17:15:14",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0003"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "6.5.4.4-44n and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0003",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0003"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5130",
"datePublished": "2020-07-17T17:15:14",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}