All the vulnerabilites related to sonicwall - nsv270
cve-2023-39276
Vulnerability from cvelistv5
Published
2023-10-17 22:04
Modified
2024-09-13 16:04
Severity ?
EPSS score ?
Summary
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:04:23.771929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:04:35.863Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nSonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.\n\n\u003cbr\u003e"
}
],
"value": "\nSonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.\n\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:04:34.956Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39276",
"datePublished": "2023-10-17T22:04:34.956Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:04:35.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39277
Vulnerability from cvelistv5
Published
2023-10-17 22:08
Modified
2024-09-13 16:03
Severity ?
EPSS score ?
Summary
SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:02:52.041284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:03:01.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:08:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSonicOS post-authentication stack-based buffer overflow vulnerability \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ein the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.\u003c/span\u003e"
}
],
"value": "\nSonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:08:55.318Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39277",
"datePublished": "2023-10-17T22:08:55.318Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:03:01.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39279
Vulnerability from cvelistv5
Published
2023-10-17 22:15
Modified
2024-09-13 16:00
Severity ?
EPSS score ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:00:24.050497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:00:49.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash."
}
],
"value": "SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:15:00.711Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39279",
"datePublished": "2023-10-17T22:15:00.711Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:00:49.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41711
Vulnerability from cvelistv5
Published
2023-10-17 22:20
Modified
2024-09-13 15:38
Severity ?
EPSS score ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41711",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T15:38:20.952791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T15:38:30.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash."
}
],
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:20:36.619Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41711",
"datePublished": "2023-10-17T22:20:36.619Z",
"dateReserved": "2023-08-30T17:07:28.451Z",
"dateUpdated": "2024-09-13T15:38:30.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39278
Vulnerability from cvelistv5
Published
2023-10-17 22:12
Modified
2024-09-13 16:01
Severity ?
EPSS score ?
Summary
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:01:40.078298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:01:51.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cb\u003e\u003c/b\u003e\u003c/span\u003e"
}
],
"value": "SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:12:29.594Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39278",
"datePublished": "2023-10-17T22:12:29.594Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:01:51.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41712
Vulnerability from cvelistv5
Published
2023-10-17 22:26
Modified
2024-09-13 15:36
Severity ?
EPSS score ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41712",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T15:36:06.568443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T15:36:27.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash."
}
],
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:26:09.949Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41712",
"datePublished": "2023-10-17T22:26:09.949Z",
"dateReserved": "2023-08-30T17:07:28.452Z",
"dateUpdated": "2024-09-13T15:36:27.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41715
Vulnerability from cvelistv5
Published
2023-10-17 22:33
Modified
2024-08-02 19:01
Severity ?
EPSS score ?
Summary
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.\u003cbr\u003e"
}
],
"value": "SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:33:57.440Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41715",
"datePublished": "2023-10-17T22:33:57.440Z",
"dateReserved": "2023-08-30T17:07:28.452Z",
"dateUpdated": "2024-08-02T19:01:35.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39280
Vulnerability from cvelistv5
Published
2023-10-17 22:17
Modified
2024-09-13 15:59
Severity ?
EPSS score ?
Summary
SonicOS p
ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T15:59:13.568147Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T15:59:29.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS p\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.\u003c/span\u003e\n\n"
}
],
"value": "SonicOS p\n\nost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:17:36.308Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39280",
"datePublished": "2023-10-17T22:17:36.308Z",
"dateReserved": "2023-07-27T00:07:04.125Z",
"dateUpdated": "2024-09-13T15:59:29.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41713
Vulnerability from cvelistv5
Published
2023-10-17 22:28
Modified
2024-09-13 19:32
Severity ?
EPSS score ?
Summary
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"lessThan": "7.0.1-5119",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "7.0.1-5129",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.5.4.4-44v-21-2079",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.5.4.12-101n",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41713",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T19:29:35.513087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T19:32:58.092Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS Use of Hard-coded Password vulnerability in the \u0027dynHandleBuyToolbar\u0027 demo function."
}
],
"value": "SonicOS Use of Hard-coded Password vulnerability in the \u0027dynHandleBuyToolbar\u0027 demo function."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:28:50.229Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41713",
"datePublished": "2023-10-17T22:28:50.229Z",
"dateReserved": "2023-08-30T17:07:28.452Z",
"dateUpdated": "2024-09-13T19:32:58.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:15
Severity ?
Summary
SonicOS p
ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS p\n\nost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer posterior a la autenticaci\u00f3n de SonicOS en los endpoints de URL ssoStats-s.xml y ssoStats-s.wri provoca una falla del firewall."
}
],
"id": "CVE-2023-39280",
"lastModified": "2024-11-21T08:15:03.223",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:11.853",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:15
Severity ?
Summary
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nSonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.\n\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer de autenticaci\u00f3n posterior de SonicOS en el endpoint de la URL getBookmarkList.json provoca una falla del firewall."
}
],
"id": "CVE-2023-39276",
"lastModified": "2024-11-21T08:15:02.593",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:11.573",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:21
Severity ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer posterior a la autenticaci\u00f3n de SonicOS en el extremo URL de SSL VPN plainprefs.exp provoca una falla del firewall."
}
],
"id": "CVE-2023-41712",
"lastModified": "2024-11-21T08:21:31.643",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:12.093",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:21
Severity ?
Summary
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de administraci\u00f3n de privilegios inadecuada posterior a la autenticaci\u00f3n de SonicOS en el t\u00fanel VPN SSL de SonicOS permite a los usuarios elevar sus privilegios dentro del t\u00fanel."
}
],
"id": "CVE-2023-41715",
"lastModified": "2024-11-21T08:21:31.977",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:12.227",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:15
Severity ?
Summary
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.\n"
},
{
"lang": "es",
"value": "La falla de aserci\u00f3n del usuario posterior a la autenticaci\u00f3n de SonicOS conduce a una vulnerabilidad de desbordamiento del b\u00fafer a trav\u00e9s de main.cgi que provoca una falla del firewall."
}
],
"id": "CVE-2023-39278",
"lastModified": "2024-11-21T08:15:02.913",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:11.727",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:21
Severity ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer posterior a la autenticaci\u00f3n de SonicOS en los endpoint de URL sonicwall.exp, prefs.exp provoca una falla del firewall."
}
],
"id": "CVE-2023-41711",
"lastModified": "2024-11-21T08:21:31.477",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:12.027",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:21
Severity ?
Summary
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS Use of Hard-coded Password vulnerability in the \u0027dynHandleBuyToolbar\u0027 demo function."
},
{
"lang": "es",
"value": "SonicOS utiliza la vulnerabilidad de contrase\u00f1a codificada en la funci\u00f3n de demostraci\u00f3n \u0027dynHandleBuyToolbar\u0027."
}
],
"id": "CVE-2023-41713",
"lastModified": "2024-11-21T08:21:31.807",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:12.160",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-259"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:15
Severity ?
Summary
SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nSonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer de autenticaci\u00f3n posterior de SonicOS en los endpoints de URL sonicflow.csv y appflowsessions.csv provoca una falla del firewall."
}
],
"id": "CVE-2023-39277",
"lastModified": "2024-11-21T08:15:02.753",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:11.660",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:15
Severity ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer basado posterior a la autenticaci\u00f3n de SonicOS en el endpoint de URL getPacketReplayData.json provoca una falla del firewall."
}
],
"id": "CVE-2023-39279",
"lastModified": "2024-11-21T08:15:03.063",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:11.790",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}