All the vulnerabilites related to sonicwall - tz570p
cve-2023-39278
Vulnerability from cvelistv5
Published
2023-10-17 22:12
Modified
2024-09-13 16:01
Severity ?
EPSS score ?
Summary
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:01:40.078298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:01:51.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cb\u003e\u003c/b\u003e\u003c/span\u003e"
}
],
"value": "SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:12:29.594Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39278",
"datePublished": "2023-10-17T22:12:29.594Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:01:51.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0656
Vulnerability from cvelistv5
Published
2023-03-02 00:00
Modified
2024-08-02 05:17
Severity ?
EPSS score ?
Summary
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:17:50.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS NSv 6.5.4.4-44v-21-1551 and earlier"
},
{
"status": "affected",
"version": "SonicOS NSsp 7.0.1-5083 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-5095 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T00:00:00",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-0656",
"datePublished": "2023-03-02T00:00:00",
"dateReserved": "2023-02-02T00:00:00",
"dateUpdated": "2024-08-02T05:17:50.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41715
Vulnerability from cvelistv5
Published
2023-10-17 22:33
Modified
2024-08-02 19:01
Severity ?
EPSS score ?
Summary
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.\u003cbr\u003e"
}
],
"value": "SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:33:57.440Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41715",
"datePublished": "2023-10-17T22:33:57.440Z",
"dateReserved": "2023-08-30T17:07:28.452Z",
"dateUpdated": "2024-08-02T19:01:35.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-1101
Vulnerability from cvelistv5
Published
2023-03-02 00:00
Modified
2024-08-02 05:32
Severity ?
EPSS score ?
Summary
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:32:46.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.11-97n and earlier"
},
{
"status": "affected",
"version": "SonicOS NSv 6.5.4.4-44v-21-1551 and earlier"
},
{
"status": "affected",
"version": "SonicOS NSsp 7.0.1-5083 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-5095 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T00:00:00",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-1101",
"datePublished": "2023-03-02T00:00:00",
"dateReserved": "2023-02-28T00:00:00",
"dateUpdated": "2024-08-02T05:32:46.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-47522
Vulnerability from cvelistv5
Published
2023-04-15 00:00
Modified
2024-08-03 14:55
Severity ?
EPSS score ?
Summary
The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:55:08.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wi-fi.org/discover-wi-fi/passpoint"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0006"
},
{
"tags": [
"x_transferred"
],
"url": "https://papers.mathyvanhoef.com/usenix2023-wifi.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:11.wifi.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target\u0027s MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target\u0027s original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client\u0027s pairwise encryption key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-07T05:52:20.794361",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.wi-fi.org/discover-wi-fi/passpoint"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0006"
},
{
"url": "https://papers.mathyvanhoef.com/usenix2023-wifi.pdf"
},
{
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:11.wifi.asc"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-47522",
"datePublished": "2023-04-15T00:00:00",
"dateReserved": "2022-12-18T00:00:00",
"dateUpdated": "2024-08-03T14:55:08.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39276
Vulnerability from cvelistv5
Published
2023-10-17 22:04
Modified
2024-09-13 16:04
Severity ?
EPSS score ?
Summary
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:04:23.771929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:04:35.863Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nSonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.\n\n\u003cbr\u003e"
}
],
"value": "\nSonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.\n\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:04:34.956Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39276",
"datePublished": "2023-10-17T22:04:34.956Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:04:35.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22275
Vulnerability from cvelistv5
Published
2022-04-27 16:25
Modified
2024-08-03 03:07
Severity ?
EPSS score ?
Summary
Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | SonicOS |
Version: SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions. Version: SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T16:25:13",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22275",
"datePublished": "2022-04-27T16:25:13",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-20027
Vulnerability from cvelistv5
Published
2021-06-14 22:30
Modified
2024-08-03 17:30
Severity ?
EPSS score ?
Summary
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | SonicOS |
Version: SonicOS 5.9.1.13 and earlier Version: SonicOSv 6.5.4.4 and earlier Version: SonicOS 6.0.5.3 and earlier Version: SonicOS 6.5.1.12 and earlier Version: SonicOS 6.5.4.7 and earlier Version: SonicOS 7.0.1-R1219 and earlier Version: SonicOS 7.0.1-R514 and earlier Version: SonicOS 7.0.1-R1262 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:07.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 5.9.1.13 and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4 and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3 and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.12 and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.4.7 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-R1219 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-R514 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-R1262 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T22:30:11",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 5.9.1.13 and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4 and earlier"
},
{
"version_value": "SonicOS 6.0.5.3 and earlier"
},
{
"version_value": "SonicOS 6.5.1.12 and earlier"
},
{
"version_value": "SonicOS 6.5.4.7 and earlier"
},
{
"version_value": "SonicOS 7.0.1-R1219 and earlier"
},
{
"version_value": "SonicOS 7.0.1-R514 and earlier"
},
{
"version_value": "SonicOS 7.0.1-R1262 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20027",
"datePublished": "2021-06-14T22:30:11",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:07.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39277
Vulnerability from cvelistv5
Published
2023-10-17 22:08
Modified
2024-09-13 16:03
Severity ?
EPSS score ?
Summary
SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:02:52.041284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:03:01.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:08:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSonicOS post-authentication stack-based buffer overflow vulnerability \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ein the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.\u003c/span\u003e"
}
],
"value": "\nSonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:08:55.318Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39277",
"datePublished": "2023-10-17T22:08:55.318Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:03:01.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22278
Vulnerability from cvelistv5
Published
2022-04-27 16:25
Modified
2024-08-03 03:07
Severity ?
EPSS score ?
Summary
A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | SonicOS |
Version: SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions. Version: SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T16:25:18",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770: Allocation of Resources Without Limits or Throttling"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22278",
"datePublished": "2022-04-27T16:25:18",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22276
Vulnerability from cvelistv5
Published
2022-04-27 16:25
Modified
2024-08-03 03:07
Severity ?
EPSS score ?
Summary
A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | SonicOS |
Version: SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions. Version: SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T16:25:15",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22276",
"datePublished": "2022-04-27T16:25:15",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-20048
Vulnerability from cvelistv5
Published
2022-01-07 03:00
Modified
2024-08-03 17:30
Severity ?
EPSS score ?
Summary
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | SonicOS |
Version: 7.0.1-R146 and earlier Version: 7.0.1-5023-1349 and earlier Version: 7.0.1-5018-R1715 and earlier Version: 6.5.4.8-89n and earlier Version: 6.5.1.13-1n and earlier Version: 6.0.5.3-94o and earlier Version: 6.5.4.v_21s-1288 and earlier Version: 5.9.1.13 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:06.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-R146 and earlier"
},
{
"status": "affected",
"version": "7.0.1-5023-1349 and earlier"
},
{
"status": "affected",
"version": "7.0.1-5018-R1715 and earlier"
},
{
"status": "affected",
"version": "6.5.4.8-89n and earlier"
},
{
"status": "affected",
"version": "6.5.1.13-1n and earlier"
},
{
"status": "affected",
"version": "6.0.5.3-94o and earlier"
},
{
"status": "affected",
"version": "6.5.4.v_21s-1288 and earlier"
},
{
"status": "affected",
"version": "5.9.1.13 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T03:00:12",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "7.0.1-R146 and earlier"
},
{
"version_value": "7.0.1-5023-1349 and earlier"
},
{
"version_value": "7.0.1-5018-R1715 and earlier"
},
{
"version_value": "6.5.4.8-89n and earlier"
},
{
"version_value": "6.5.1.13-1n and earlier"
},
{
"version_value": "6.0.5.3-94o and earlier"
},
{
"version_value": "6.5.4.v_21s-1288 and earlier"
},
{
"version_value": "5.9.1.13 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20048",
"datePublished": "2022-01-07T03:00:12",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:06.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39279
Vulnerability from cvelistv5
Published
2023-10-17 22:15
Modified
2024-09-13 16:00
Severity ?
EPSS score ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T16:00:24.050497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T16:00:49.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash."
}
],
"value": "SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:15:00.711Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39279",
"datePublished": "2023-10-17T22:15:00.711Z",
"dateReserved": "2023-07-27T00:07:04.124Z",
"dateUpdated": "2024-09-13T16:00:49.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41711
Vulnerability from cvelistv5
Published
2023-10-17 22:20
Modified
2024-09-13 15:38
Severity ?
EPSS score ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41711",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T15:38:20.952791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T15:38:30.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash."
}
],
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:20:36.619Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41711",
"datePublished": "2023-10-17T22:20:36.619Z",
"dateReserved": "2023-08-30T17:07:28.451Z",
"dateUpdated": "2024-09-13T15:38:30.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39280
Vulnerability from cvelistv5
Published
2023-10-17 22:17
Modified
2024-09-13 15:59
Severity ?
EPSS score ?
Summary
SonicOS p
ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T15:59:13.568147Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T15:59:29.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS p\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.\u003c/span\u003e\n\n"
}
],
"value": "SonicOS p\n\nost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:17:36.308Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-39280",
"datePublished": "2023-10-17T22:17:36.308Z",
"dateReserved": "2023-07-27T00:07:04.125Z",
"dateUpdated": "2024-09-13T15:59:29.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-29013
Vulnerability from cvelistv5
Published
2024-06-20 08:14
Modified
2024-08-02 01:03
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T13:20:32.639743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T18:38:28.985Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:03:51.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.1.1-7051 and earlier versions"
}
]
}
],
"datePublic": "2024-06-20T08:12:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function."
}
],
"value": "Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T08:14:23.845Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-29013",
"datePublished": "2024-06-20T08:14:23.845Z",
"dateReserved": "2024-03-14T03:29:41.180Z",
"dateUpdated": "2024-08-02T01:03:51.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41712
Vulnerability from cvelistv5
Published
2023-10-17 22:26
Modified
2024-09-13 15:36
Severity ?
EPSS score ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41712",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T15:36:06.568443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T15:36:27.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash."
}
],
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:26:09.949Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41712",
"datePublished": "2023-10-17T22:26:09.949Z",
"dateReserved": "2023-08-30T17:07:28.452Z",
"dateUpdated": "2024-09-13T15:36:27.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-29012
Vulnerability from cvelistv5
Published
2024-06-20 08:11
Modified
2024-08-02 01:03
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0008 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29012",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T13:21:49.382881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T18:39:02.051Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:03:51.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0008"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen7"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.1.1-7051 and earlier versions"
}
]
}
],
"datePublic": "2024-06-20T08:01:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function."
}
],
"value": "Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T08:11:10.318Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0008"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-29012",
"datePublished": "2024-06-20T08:11:10.318Z",
"dateReserved": "2024-03-14T03:29:41.180Z",
"dateUpdated": "2024-08-02T01:03:51.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-20031
Vulnerability from cvelistv5
Published
2021-10-12 22:55
Modified
2024-08-03 17:30
Severity ?
EPSS score ?
Summary
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019 | x_refsource_CONFIRM | |
| http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | SonicOS |
Version: 7.0.1-R1262 and earlier Version: 7.0.1-R1283 and earlier Version: 7.0.1-R579 and earlier Version: 6.5.4.7 and earlier Version: 6.5.1.12 and earlier Version: 6.0.5.3-94o and earlier Version: 6.5.4.4-44V-21-987 and earlier Version: 5.9.1.13 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:07.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-R1262 and earlier"
},
{
"status": "affected",
"version": "7.0.1-R1283 and earlier"
},
{
"status": "affected",
"version": "7.0.1-R579 and earlier"
},
{
"status": "affected",
"version": "6.5.4.7 and earlier"
},
{
"status": "affected",
"version": "6.5.1.12 and earlier"
},
{
"status": "affected",
"version": "6.0.5.3-94o and earlier"
},
{
"status": "affected",
"version": "6.5.4.4-44V-21-987 and earlier"
},
{
"status": "affected",
"version": "5.9.1.13 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-13T16:06:13",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "7.0.1-R1262 and earlier"
},
{
"version_value": "7.0.1-R1283 and earlier"
},
{
"version_value": "7.0.1-R579 and earlier"
},
{
"version_value": "6.5.4.7 and earlier"
},
{
"version_value": "6.5.1.12 and earlier"
},
{
"version_value": "6.0.5.3-94o and earlier"
},
{
"version_value": "6.5.4.4-44V-21-987 and earlier"
},
{
"version_value": "5.9.1.13 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019"
},
{
"name": "http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20031",
"datePublished": "2021-10-12T22:55:09",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:07.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-22394
Vulnerability from cvelistv5
Published
2024-02-08 01:14
Modified
2024-08-22 18:49
Severity ?
EPSS score ?
Summary
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.
This issue affects only firmware version SonicOS 7.1.1-7040.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003 | vendor-advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"status": "affected",
"version": "sonicos 7.1.1-7040"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22394",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-08T17:20:54.081829Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T18:49:34.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 7.1.1-7040"
}
]
}
],
"datePublic": "2024-02-08T00:06:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue affects only firmware version SonicOS 7.1.1-7040.\u003c/span\u003e\n\n"
}
],
"value": "An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.\u00a0\n\nThis issue affects only firmware version SonicOS 7.1.1-7040.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-08T01:14:33.634Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-22394",
"datePublished": "2024-02-08T01:14:33.634Z",
"dateReserved": "2024-01-10T09:52:23.462Z",
"dateUpdated": "2024-08-22T18:49:34.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22274
Vulnerability from cvelistv5
Published
2022-03-25 23:05
Modified
2024-08-03 03:07
Severity ?
EPSS score ?
Summary
A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003 | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 7.0.1-5050 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.1-R579 and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-1452 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-25T23:05:09",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 7.0.1-5050 and earlier"
},
{
"version_value": "SonicOS 7.0.1-R579 and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-1452 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22274",
"datePublished": "2022-03-25T23:05:09",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-40764
Vulnerability from cvelistv5
Published
2024-07-18 07:42
Modified
2024-08-02 04:39
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS).
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"lessThanOrEqual": "6.5.4.4-44v-21-2395",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.1-5151",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.1.1-7051",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-40764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-18T13:27:59.874514Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T13:37:13.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:39:54.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen6",
"Gen7"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "6.5.4.4-44v-21-2395 and older versions"
},
{
"status": "affected",
"version": "7.0.1-5151 and older versions"
},
{
"status": "affected",
"version": "7.1.1-7051 and older versions"
}
]
}
],
"datePublic": "2024-07-18T07:38:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS)."
}
],
"value": "Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-18T07:42:37.995Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0012"
}
],
"source": {
"advisory": "SNWLID-2024-0012",
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-40764",
"datePublished": "2024-07-18T07:42:37.995Z",
"dateReserved": "2024-07-10T15:58:49.461Z",
"dateUpdated": "2024-08-02T04:39:54.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22277
Vulnerability from cvelistv5
Published
2022-04-27 16:25
Modified
2024-08-03 03:07
Severity ?
EPSS score ?
Summary
A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | SonicOS |
Version: SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions. Version: SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions. Version: SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions. Version: SonicOS Gen 6 6.5.4.9-93n and earlier versions. |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
},
{
"status": "affected",
"version": "SonicOS Gen 6 6.5.4.9-93n and earlier versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-27T16:25:16",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-22277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
},
{
"version_value": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
},
{
"version_value": "SonicOS Gen 6 6.5.4.9-93n and earlier versions."
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-22277",
"datePublished": "2022-04-27T16:25:16",
"dateReserved": "2021-12-29T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41713
Vulnerability from cvelistv5
Published
2023-10-17 22:28
Modified
2024-09-13 19:32
Severity ?
EPSS score ?
Summary
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"lessThan": "7.0.1-5119",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "7.0.1-5129",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.5.4.4-44v-21-2079",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.5.4.12-101n",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41713",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-13T19:29:35.513087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-13T19:32:58.092Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Management",
"SSLVPN"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-5119 and earlier versions"
},
{
"status": "affected",
"version": "7.0.1-5129 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.4-44v-21-2079 and earlier versions"
},
{
"status": "affected",
"version": "6.5.4.12-101n and earlier versions"
}
]
}
],
"datePublic": "2023-10-17T22:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SonicOS Use of Hard-coded Password vulnerability in the \u0027dynHandleBuyToolbar\u0027 demo function."
}
],
"value": "SonicOS Use of Hard-coded Password vulnerability in the \u0027dynHandleBuyToolbar\u0027 demo function."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259 Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T22:28:50.229Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-41713",
"datePublished": "2023-10-17T22:28:50.229Z",
"dateReserved": "2023-08-30T17:07:28.452Z",
"dateUpdated": "2024-09-13T19:32:58.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-20046
Vulnerability from cvelistv5
Published
2022-01-07 03:00
Modified
2024-08-03 17:30
Severity ?
EPSS score ?
Summary
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SonicWall | SonicOS |
Version: 7.0.1-R146 and earlier Version: 7.0.1-5023-1349 and earlier Version: 7.0.1-5018-R1715 and earlier Version: 6.5.4.8-89n and earlier Version: 6.5.1.13-1n and earlier Version: 6.0.5.3-94o and earlier Version: 6.5.4.v_21s-1288 and earlier Version: 5.9.1.13 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:30:07.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "7.0.1-R146 and earlier"
},
{
"status": "affected",
"version": "7.0.1-5023-1349 and earlier"
},
{
"status": "affected",
"version": "7.0.1-5018-R1715 and earlier"
},
{
"status": "affected",
"version": "6.5.4.8-89n and earlier"
},
{
"status": "affected",
"version": "6.5.1.13-1n and earlier"
},
{
"status": "affected",
"version": "6.0.5.3-94o and earlier"
},
{
"status": "affected",
"version": "6.5.4.v_21s-1288 and earlier"
},
{
"status": "affected",
"version": "5.9.1.13 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T03:00:11",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2021-20046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "7.0.1-R146 and earlier"
},
{
"version_value": "7.0.1-5023-1349 and earlier"
},
{
"version_value": "7.0.1-5018-R1715 and earlier"
},
{
"version_value": "6.5.4.8-89n and earlier"
},
{
"version_value": "6.5.1.13-1n and earlier"
},
{
"version_value": "6.0.5.3-94o and earlier"
},
{
"version_value": "6.5.4.v_21s-1288 and earlier"
},
{
"version_value": "5.9.1.13 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2021-20046",
"datePublished": "2022-01-07T03:00:11",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:30:07.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-40766
Vulnerability from cvelistv5
Published
2024-08-23 06:19
Modified
2024-09-09 16:20
Severity ?
EPSS score ?
Summary
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sonicos",
"vendor": "sonicwall",
"versions": [
{
"lessThanOrEqual": "5.9.2.14-12o",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.5.4.14-109n",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.1-5035",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-40766",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T14:11:51.602153Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-09-09",
"reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T16:20:22.681Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-09-09T00:00:00+00:00",
"value": "CVE-2024-40766 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Gen5",
"Gen6",
"Gen7"
],
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "5.9.2.14-12o and older versions"
},
{
"status": "affected",
"version": "6.5.4.14-109n and older versions"
},
{
"status": "affected",
"version": "7.0.1-5035 and older versions"
}
]
}
],
"datePublic": "2024-08-23T06:13:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions."
}
],
"value": "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-23T06:19:07.229Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015"
}
],
"source": {
"advisory": "SNWLID-2024-0015",
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2024-40766",
"datePublished": "2024-08-23T06:19:07.229Z",
"dateReserved": "2024-07-10T15:58:49.462Z",
"dateUpdated": "2024-09-09T16:20:22.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2022-04-27 17:15
Modified
2024-11-21 06:46
Severity ?
Summary
Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8464F67-85C1-4E80-AE4B-C121BD8F93AC",
"versionEndIncluding": "7.0.1-5030-r2007",
"versionStartIncluding": "7.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B222A9-64C3-4C64-8707-0F53B2BA636B",
"versionEndIncluding": "7.0.1.0-5030-1391",
"versionStartIncluding": "7.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA61E6BD-4873-4A78-9A64-D645923D68A8",
"versionEndIncluding": "7.0.1-5030-r780",
"versionStartIncluding": "7.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable."
},
{
"lang": "es",
"value": "Una Restricci\u00f3n Inapropiada del Canal de Comunicaci\u00f3n TCP en el tr\u00e1fico de entrada HTTP/S de la WAN a la DMZ omitiendo la pol\u00edtica de seguridad hasta el apret\u00f3n de manos TCP, resultando potencialmente en un ataque de Denegaci\u00f3n de Servicio (DoS) si el host de destino es vulnerable"
}
],
"id": "CVE-2022-22275",
"lastModified": "2024-11-21T06:46:32.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-27T17:15:07.273",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:21
Severity ?
Summary
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS Use of Hard-coded Password vulnerability in the \u0027dynHandleBuyToolbar\u0027 demo function."
},
{
"lang": "es",
"value": "SonicOS utiliza la vulnerabilidad de contrase\u00f1a codificada en la funci\u00f3n de demostraci\u00f3n \u0027dynHandleBuyToolbar\u0027."
}
],
"id": "CVE-2023-41713",
"lastModified": "2024-11-21T08:21:31.807",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:12.160",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-259"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-14 23:15
Modified
2024-11-21 05:45
Severity ?
Summary
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| PSIRT@sonicwall.com | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016 | Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7177725D-324A-49F2-B8CA-F20245917932",
"versionEndIncluding": "7.0.1-r1262",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B939069E-6F95-46F5-8826-85074359CBDD",
"versionEndIncluding": "7.0.1-r.1219",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4784A3-3EB7-4F2B-AAFF-3699BEB9D8E8",
"versionEndIncluding": "7.0.1-r514",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2C3009-7B05-41B3-849E-DFBB8C79968D",
"versionEndIncluding": "5.9.1.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A5E010-6867-4F79-8F9E-674DED854580",
"versionEndIncluding": "6.5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEF935-BC0B-4A7D-BB3C-72B68965383F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1E5890-88A6-4932-B077-9A2BA77D74FA",
"versionEndIncluding": "6.5.4.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5A68BC-42AF-4F5A-8519-DCD232AEC0E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDDE20AC-E2E3-420A-B957-C525C9327CBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61B24C7-3133-4AAA-9C7F-9EC84303E79A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A29657F1-2177-431E-9726-0253979580A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "351739EC-0DA2-4A53-901A-F75F87C7E903",
"versionEndIncluding": "6.0.5.3-94o",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58F52D4A-407B-44D8-BFE7-E8861E45B71F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A020A4-5395-4D59-B16C-D83FD8BC7BC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8338A3F2-1526-41CE-8A78-2717F77AB130",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en SonicOS permite a un atacante remoto causar una denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de una petici\u00f3n especialmente dise\u00f1ada. Esta vulnerabilidad afecta a las plataformas SonicOS Gen5, Gen6, Gen7 y a los firewalls virtuales SonicOSv"
}
],
"id": "CVE-2021-20027",
"lastModified": "2024-11-21T05:45:48.637",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-14T23:15:07.473",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0016"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-02 22:15
Modified
2024-11-21 07:37
Severity ?
Summary
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | sonicos | * | |
| sonicwall | nsa_2700 | - | |
| sonicwall | nsa_3700 | - | |
| sonicwall | nsa_4700 | - | |
| sonicwall | nsa_5700 | - | |
| sonicwall | nsa_6700 | - | |
| sonicwall | nssp_10700 | - | |
| sonicwall | nssp_11700 | - | |
| sonicwall | nssp_13700 | - | |
| sonicwall | nsv_270 | - | |
| sonicwall | nsv_470 | - | |
| sonicwall | nsv_870 | - | |
| sonicwall | tz270 | - | |
| sonicwall | tz270w | - | |
| sonicwall | tz370 | - | |
| sonicwall | tz370w | - | |
| sonicwall | tz470 | - | |
| sonicwall | tz470w | - | |
| sonicwall | tz570 | - | |
| sonicwall | tz570p | - | |
| sonicwall | tz570w | - | |
| sonicwall | tz670 | - | |
| sonicwall | sonicos | * | |
| sonicwall | nssp_15700 | - | |
| sonicwall | sonicos | * | |
| sonicwall | nsv_10 | - | |
| sonicwall | nsv_100 | - | |
| sonicwall | nsv_1600 | - | |
| sonicwall | nsv_200 | - | |
| sonicwall | nsv_25 | - | |
| sonicwall | nsv_300 | - | |
| sonicwall | nsv_400 | - | |
| sonicwall | nsv_50 | - | |
| sonicwall | nsv_800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3048789-B1A5-4C58-9EA8-A0ABF8EE693E",
"versionEndIncluding": "7.0.1-5111",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C61C96E2-0679-4555-A5D6-75E1BE44CB1F",
"versionEndIncluding": "7.0.1-5083",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "715F6C7A-0A62-4261-8DD1-17F34AD5F710",
"versionEndIncluding": "6.5.4.4-44v-21-1551",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash."
}
],
"id": "CVE-2023-0656",
"lastModified": "2024-11-21T07:37:34.140",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-02T22:15:09.487",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:15
Severity ?
Summary
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.\n"
},
{
"lang": "es",
"value": "La falla de aserci\u00f3n del usuario posterior a la autenticaci\u00f3n de SonicOS conduce a una vulnerabilidad de desbordamiento del b\u00fafer a trav\u00e9s de main.cgi que provoca una falla del firewall."
}
],
"id": "CVE-2023-39278",
"lastModified": "2024-11-21T08:15:02.913",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:11.727",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-07-18 08:15
Modified
2024-11-21 09:31
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| PSIRT@sonicwall.com | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0012 | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0012 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | sonicos | * | |
| sonicwall | nsv10 | - | |
| sonicwall | nsv100 | - | |
| sonicwall | nsv1600 | - | |
| sonicwall | nsv200 | - | |
| sonicwall | nsv25 | - | |
| sonicwall | nsv300 | - | |
| sonicwall | nsv400 | - | |
| sonicwall | nsv50 | - | |
| sonicwall | nsv800 | - | |
| sonicwall | sonicos | * | |
| sonicwall | sonicos | * | |
| sonicwall | nsa_2700 | - | |
| sonicwall | nsa_3700 | - | |
| sonicwall | nsa_4700 | - | |
| sonicwall | nsa_5700 | - | |
| sonicwall | nsa_6700 | - | |
| sonicwall | nssp_10700 | - | |
| sonicwall | nssp_11700 | - | |
| sonicwall | nssp_13700 | - | |
| sonicwall | nssp_15700 | - | |
| sonicwall | nsv_270 | - | |
| sonicwall | nsv_470 | - | |
| sonicwall | nsv_870 | - | |
| sonicwall | tz270 | - | |
| sonicwall | tz270w | - | |
| sonicwall | tz370 | - | |
| sonicwall | tz370w | - | |
| sonicwall | tz470 | - | |
| sonicwall | tz470w | - | |
| sonicwall | tz570 | - | |
| sonicwall | tz570p | - | |
| sonicwall | tz570w | - | |
| sonicwall | tz670 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8842B1FC-9CC4-4DB8-8119-B435CD33A5D1",
"versionEndExcluding": "6.5.4.v-21s-rc2457",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE881F9C-CE9E-4D1B-92BA-D28B2B16178A",
"versionEndExcluding": "7.0.1-5161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "797C9FA3-70EF-492A-ACA3-CE21422D5AAA",
"versionEndExcluding": "7.1.1-7058",
"versionStartIncluding": "7.1.1-7040",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS)."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer basada en mont\u00f3n en SonicOS IPSec VPN permite que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2024-40764",
"lastModified": "2024-11-21T09:31:34.703",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-07-18T08:15:02.340",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:15
Severity ?
Summary
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nSonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.\n\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer de autenticaci\u00f3n posterior de SonicOS en el endpoint de la URL getBookmarkList.json provoca una falla del firewall."
}
],
"id": "CVE-2023-39276",
"lastModified": "2024-11-21T08:15:02.593",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:11.573",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-20 09:15
Modified
2024-11-21 09:07
Severity ?
Summary
Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| PSIRT@sonicwall.com | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | sonicos | * | |
| sonicwall | sonicos | * | |
| sonicwall | sonicos | * | |
| sonicwall | nsa_2700 | - | |
| sonicwall | nsa_3700 | - | |
| sonicwall | nsa_4700 | - | |
| sonicwall | nsa_5700 | - | |
| sonicwall | nsa_6700 | - | |
| sonicwall | nssp_10700 | - | |
| sonicwall | nssp_11700 | - | |
| sonicwall | nssp_13700 | - | |
| sonicwall | nsv_270 | - | |
| sonicwall | nsv_470 | - | |
| sonicwall | nsv_870 | - | |
| sonicwall | tz270 | - | |
| sonicwall | tz270w | - | |
| sonicwall | tz370 | - | |
| sonicwall | tz370w | - | |
| sonicwall | tz470 | - | |
| sonicwall | tz470w | - | |
| sonicwall | tz570 | - | |
| sonicwall | tz570p | - | |
| sonicwall | tz570w | - | |
| sonicwall | tz670 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE881F9C-CE9E-4D1B-92BA-D28B2B16178A",
"versionEndExcluding": "7.0.1-5161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC449BE-1EA7-42B9-BB33-4FF14A78D2B0",
"versionEndExcluding": "7.1.1-7058",
"versionStartIncluding": "7.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A859C784-32BA-43BC-97BC-120047A67EEC",
"versionEndExcluding": "7.1.2-7019",
"versionStartIncluding": "7.1.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer basada en mont\u00f3n en SonicOS SSL-VPN permite que un atacante remoto autenticado provoque una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de la funci\u00f3n memcpy."
}
],
"id": "CVE-2024-29013",
"lastModified": "2024-11-21T09:07:22.477",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-20T09:15:11.543",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 05:45
Severity ?
Summary
A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50478447-8102-4BC4-9E96-3165B20B8BE8",
"versionEndIncluding": "7.0.1-r1456",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF016251-1EC4-4513-981C-CF846CBB11A6",
"versionEndIncluding": "7.0.1-5023-1349",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2AC71A-1446-4448-88C0-30295BE95577",
"versionEndIncluding": "7.0.1-5018-r1715",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69B768DB-D5BE-44A5-9155-6667ED9F410C",
"versionEndIncluding": "6.5.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5A68BC-42AF-4F5A-8519-DCD232AEC0E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDDE20AC-E2E3-420A-B957-C525C9327CBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61B24C7-3133-4AAA-9C7F-9EC84303E79A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEF935-BC0B-4A7D-BB3C-72B68965383F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E0782E-7AA4-4569-920F-E8C94892C2E1",
"versionEndIncluding": "6.5.1.13-1n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEF935-BC0B-4A7D-BB3C-72B68965383F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "351739EC-0DA2-4A53-901A-F75F87C7E903",
"versionEndIncluding": "6.0.5.3-94o",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58F52D4A-407B-44D8-BFE7-E8861E45B71F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A020A4-5395-4D59-B16C-D83FD8BC7BC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8338A3F2-1526-41CE-8A78-2717F77AB130",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2C3009-7B05-41B3-849E-DFBB8C79968D",
"versionEndIncluding": "5.9.1.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer en la regi\u00f3n Stack de la memoria en el encabezado de respuesta HTTP SessionID de SonicOS permite a un atacante remoto autenticado causar una Denegaci\u00f3n de Servicio (DoS) y potencialmente resultar en una ejecuci\u00f3n de c\u00f3digo en el firewall. Esta vulnerabilidad afecta a SonicOS versiones de firmware Gen 5, Gen 6 y Gen 7"
}
],
"id": "CVE-2021-20048",
"lastModified": "2024-11-21T05:45:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:16.610",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0028"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:15
Severity ?
Summary
SonicOS p
ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS p\n\nost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.\n\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer posterior a la autenticaci\u00f3n de SonicOS en los endpoints de URL ssoStats-s.xml y ssoStats-s.wri provoca una falla del firewall."
}
],
"id": "CVE-2023-39280",
"lastModified": "2024-11-21T08:15:03.223",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:11.853",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-25 23:15
Modified
2024-11-21 06:46
Severity ?
Summary
A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | sonicos | * | |
| sonicwall | nsa_2700 | - | |
| sonicwall | nsa_3700 | - | |
| sonicwall | nsa_4700 | - | |
| sonicwall | nsa_5700 | - | |
| sonicwall | nsa_6700 | - | |
| sonicwall | nssp_10700 | - | |
| sonicwall | nssp_11700 | - | |
| sonicwall | nssp_13700 | - | |
| sonicwall | nsv_270 | - | |
| sonicwall | nsv_470 | - | |
| sonicwall | nsv_870 | - | |
| sonicwall | tz270 | - | |
| sonicwall | tz270w | - | |
| sonicwall | tz370 | - | |
| sonicwall | tz370w | - | |
| sonicwall | tz470 | - | |
| sonicwall | tz470w | - | |
| sonicwall | tz570 | - | |
| sonicwall | tz570p | - | |
| sonicwall | tz570w | - | |
| sonicwall | tz670 | - | |
| sonicwall | sonicos | * | |
| sonicwall | nssp_15700 | - | |
| sonicwall | sonicosv | * | |
| sonicwall | nsv_10 | - | |
| sonicwall | nsv_100 | - | |
| sonicwall | nsv_1600 | - | |
| sonicwall | nsv_200 | - | |
| sonicwall | nsv_25 | - | |
| sonicwall | nsv_300 | - | |
| sonicwall | nsv_400 | - | |
| sonicwall | nsv_50 | - | |
| sonicwall | nsv_800 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5348AB48-8B9B-4928-8B0C-D819D03D0FEC",
"versionEndIncluding": "7.0.1-5050",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8598D61-86DA-489E-A201-3816DDE140B9",
"versionEndIncluding": "7.0.1-r579",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicosv:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E83E089-AFB5-4959-895A-A7CA85570770",
"versionEndIncluding": "6.5.4.4-44v-21-1452",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n Stack de la memoria en SonicOS por medio de una petici\u00f3n HTTP permite a un atacante remoto no autenticado causar una denegaci\u00f3n de servicio (DoS) o potencialmente resultando en una ejecuci\u00f3n de c\u00f3digo en el firewall"
}
],
"id": "CVE-2022-22274",
"lastModified": "2024-11-21T06:46:32.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-25T23:15:08.353",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0003"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-27 17:15
Modified
2024-11-21 06:46
Severity ?
Summary
A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz300p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AFD3B4-E623-4E5E-B6E3-C868A904D099",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz300w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6146E0C8-C5BB-499D-A96D-F389005907A9",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz350_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11C184C3-B45C-463E-9EEE-93C809C3E30C",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz350w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20B993F6-86CC-4B12-A0FD-BED6D327AAF7",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_10700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52C0B074-3D97-49BB-A3FD-D316FBFE0F95",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_11700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59528209-07F4-461E-B120-5559D4E9DA90",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_12400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB28494B-45BC-4DA4-913C-6569A898AE01",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_12800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B77B8C4-AD73-4C26-91AE-BA66DEA21D11",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_13700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC1D781-9F63-4559-AB61-F22F09DCB915",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_15700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA21425-8435-4BFB-A75C-E53B50AB54B7",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz370_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1FC1E2-9445-4563-9003-8110C5E811C3",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz370w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39DBBC2B-24CC-4CF6-A700-090BDC890E94",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03A6FF32-EDAF-4D5E-A365-F1C693498FD8",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FE24F88-E6D3-410F-814E-9C3E7F7B2AAD",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEAFEE2-A23A-47EF-B6C1-E0B554F173CD",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_1600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D85DE14-68AA-43EC-BECF-6E8CBC40AFAC",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5C662-A97A-4B1C-AEE9-08724F55B818",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_25_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34A382C1-EA35-44EC-B2EA-4740AA0F7BE5",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_270_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE753AE-26B3-4549-992A-AC80D578474C",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD008C6-6F0F-40FF-879B-8362DA326686",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60BA1C39-04C3-4652-B060-FFD96B3B1C93",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_470_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC2D35CB-BFDF-4661-880D-E3EC2576B6F9",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71DE0BAA-A331-4EA1-A66F-D641D6BF41E9",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C01396B-2F62-42F1-9FE8-A6E762C39269",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_870_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4633CAF-FD12-4AEF-A994-EED301A41AD0",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz400w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD7973-192B-42F7-B880-4E85714A4BDB",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz470_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC300FB0-6B64-4EBC-ACA3-50D3BE60C4A8",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz470w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28EB0A22-8096-4784-A1FB-670410EAD0B1",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B04CF80-5FA2-41B8-BD7C-39D498FEEDBF",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_2650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507519D2-3CFF-48FD-AD9F-2B42DADE660A",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_2700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4944BF99-147C-4945-BA19-18C95309904B",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_3650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D064D1A1-DA21-45A1-BA38-519E7EBE5898",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "882B72E4-5141-4280-819E-C4A80E6A464C",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_4650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9757B0-B0AB-433F-8C85-A8F0CEE44D1F",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_4700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C893FD13-98CF-4C06-9D5E-5B08F3C88D5F",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_5650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE0BBF9-D363-4106-A805-F86637AFBBD8",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_5700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53DCED63-ADC3-4E82-BABA-D24F76C3DD17",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_6650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E16CA5E-1261-400F-A195-7FC44BBEDA68",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4273AA33-9129-49FA-9396-3BF0CF297422",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4AE1A6-0F7E-4F86-B3A1-484C1DD97092",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F74599-442F-4DE1-8BCF-FE38B159AEFA",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06C19936-43F3-4348-9B08-F0897134D791",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz500w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEA6F9B-3E58-42BA-848E-5BD84DC71E15",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6797D1EF-92E1-43E9-92EC-3779B7AAE9F9",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A454D4-6681-4492-948C-F85AFBB23F06",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4772E1B-F3B7-481F-8B96-980AA0936C74",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC5E922-DAF7-4F21-96E2-9489387835B6",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz600p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3A0E77-C70F-4CA8-B35F-4F72A2D128CD",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D07D4B-7D7F-4F92-8746-737356F7446C",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack"
},
{
"lang": "es",
"value": "Una vulnerabilidad en SonicOS CFS (servicio de filtrado de contenidos) devuelve un gran mensaje de respuesta HTTP 403 prohibido a la direcci\u00f3n de origen cuando usuarios intentan acceder a un recurso prohibido, lo que permite a un atacante causar un ataque de Denegaci\u00f3n de Servicio HTTP (DoS)"
}
],
"id": "CVE-2022-22278",
"lastModified": "2024-11-21T06:46:32.857",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-27T17:15:07.453",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:21
Severity ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer posterior a la autenticaci\u00f3n de SonicOS en el extremo URL de SSL VPN plainprefs.exp provoca una falla del firewall."
}
],
"id": "CVE-2023-41712",
"lastModified": "2024-11-21T08:21:31.643",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:12.093",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-27 17:15
Modified
2024-11-21 06:46
Severity ?
Summary
A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz300p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBC23B54-639C-4FFF-B580-6E787ECAC3BC",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz300p_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "122ABFDB-2BE3-475F-920A-7FAAA3850EB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz300w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AFBFE42-2E8D-4549-B095-B47E0DC00CAC",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz300w_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0FFA3F-E5A0-4B84-86A9-F4A82438461B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz350_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52309DBB-F7A4-4B32-936E-8EBEEFBA2592",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz350_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDA1B77-C458-4782-8D05-EE0942AE423F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz350w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "955D5EEA-51F0-456B-94E1-5FE29B110699",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz350w_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D637E6A-83EA-4CEC-810D-164A2E95565E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_10700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52C0B074-3D97-49BB-A3FD-D316FBFE0F95",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_11700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59528209-07F4-461E-B120-5559D4E9DA90",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_12400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB28494B-45BC-4DA4-913C-6569A898AE01",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_12800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B77B8C4-AD73-4C26-91AE-BA66DEA21D11",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_13700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC1D781-9F63-4559-AB61-F22F09DCB915",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_15700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA21425-8435-4BFB-A75C-E53B50AB54B7",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz370_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "925AED91-15F8-4ED0-8FF1-A6A7AB5EC3E9",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz370_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8134DD19-2F0D-4925-9707-BD69792EEB51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz370w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2D2D9D-459C-4009-AB88-68196493092A",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz370w_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52AB25CE-F6BB-45C0-8C9F-DBE18C0DB710",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36C01F71-D6ED-4C9F-AE0A-40712F29512B",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz400_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3DF817-A706-4DC9-BCB9-637AA6CB71F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FE24F88-E6D3-410F-814E-9C3E7F7B2AAD",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEAFEE2-A23A-47EF-B6C1-E0B554F173CD",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_1600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D85DE14-68AA-43EC-BECF-6E8CBC40AFAC",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5C662-A97A-4B1C-AEE9-08724F55B818",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_25_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34A382C1-EA35-44EC-B2EA-4740AA0F7BE5",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_270_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE753AE-26B3-4549-992A-AC80D578474C",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD008C6-6F0F-40FF-879B-8362DA326686",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60BA1C39-04C3-4652-B060-FFD96B3B1C93",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_470_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC2D35CB-BFDF-4661-880D-E3EC2576B6F9",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71DE0BAA-A331-4EA1-A66F-D641D6BF41E9",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C01396B-2F62-42F1-9FE8-A6E762C39269",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_870_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4633CAF-FD12-4AEF-A994-EED301A41AD0",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz400w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "009872A9-8585-4B07-A399-A6626D8A1FEB",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz400w_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71ECC6BC-395B-4D1E-83BA-550CFDDD833E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz470_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA11D013-9E25-4D7C-A662-CE78923B025E",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz470_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D55EB54-E43D-4EF5-952C-924F48CE1CFD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz470w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFEC0A24-3D87-42CF-B5EC-DBC9D0B3409C",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz470w_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C00AC04A-D185-4759-9766-A13F28EB3D35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AABB0E80-9BDD-4E40-9719-A6BA2FECBE16",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz500_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C30DF832-0EEA-4DEF-A81A-5ECB418AF3A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_2650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E1A5847-DD41-4A31-9E8F-DCDCF8570ACD",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_2650_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "757C46AF-CB8F-479B-B9C0-B47AD9F375F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_2700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6923CA-01F3-4F9F-821F-E9D720684458",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_2700_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74C381B8-5E14-469B-BE47-6D8B79C3DDE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_3650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9D2A23-86F1-44F0-80DE-0984B7D3FA7F",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_3650_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA3A5B6-FA71-4EC1-AC05-42D17A3B88BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3315228E-6350-4CCB-9794-92DD4BF20917",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_3700_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "714723A9-BBCF-4192-9233-83EFB87F95D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_4650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "699E201F-1F8E-4D94-ADEF-9D828489AE86",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_4650_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC28E32-5638-4727-A06C-E49090CF20F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_4700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3059A0-8EB4-46B3-B0E4-29DA9C4C3353",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_4700_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA73FF90-2F80-463D-8F31-CA5BEF93FCC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_5650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F18AA1-A316-4BA0-9610-FB5FF0FDD4ED",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_5650_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "461E7DB6-21ED-4774-8AF7-819C42904CF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_5700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8494BD6-7824-431F-BF54-207E29FDD9EA",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_5700_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "723A7EFA-0E9D-454A-A584-0FAD24F0A9C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_6650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0321EB-3092-4D7F-953E-37A421CF80FB",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_6650_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBEF6F6C-6E2D-405A-B0A2-4073C6B884EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C33E77A7-02CA-42CE-8F96-11547D064C40",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_6700_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8045EACC-25C9-4D8E-BE55-E9032CB4E38C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD748C1F-0191-4B98-81D1-0A36411F4910",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9250_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D42C886-A250-47E7-AB9E-930F647DFB1F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7E66A1-5522-408C-BFDB-D7CCFC1FF73A",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9450_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4AADBFB-6F6F-41FB-B638-D9F381956F1F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "531FDECB-33DC-40D2-A053-DE7A6072221B",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9650_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD15E0D8-718C-4C50-884A-80E733C72959",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz500w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1039FA8-2794-4AD5-BBEB-0B757B07CEA3",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz500w_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFBA4CE-98F9-4C4E-8231-B2599D9F1422",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD989400-6116-43DC-8CA4-2F293531F36C",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz570_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD779CD6-69BD-48DD-A05E-E939643E5F12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "876274D7-48FB-459F-83C5-02675A451E7E",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz570p_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7DF5C88-66F9-4D52-AD29-26109A1ECEAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74CD0CA7-CF28-44A4-9396-ACFB113E9030",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz570w_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA2C820D-E0A3-4D46-B142-1FDE228D8EFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53DE309B-88EF-46FD-A8FF-22AEC0210ACB",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz600_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44CA26BE-FBB5-4946-A6FC-D5A3E0D9FDD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz600p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85E8CC11-5869-4F72-AA3F-F0A85BF76A0B",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz600p_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B420B234-A97A-46CF-9163-E45EBF677737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B96FB085-E44C-4D7C-A4E2-E01F25CB3DA4",
"versionEndExcluding": "6.5.4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:tz670_firmware:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8F7C68-EECF-4A41-98FC-DAB1E4F4CFF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el servicio SNMP de SonicOS resultando en una exposici\u00f3n de informaci\u00f3n confidencial del punto de acceso inal\u00e1mbrico en texto sin cifrar"
}
],
"id": "CVE-2022-22277",
"lastModified": "2024-11-21T06:46:32.693",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-27T17:15:07.397",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-15 02:15
Modified
2024-11-21 07:32
Severity ?
Summary
The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://papers.mathyvanhoef.com/usenix2023-wifi.pdf | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0006 | Third Party Advisory | |
| cve@mitre.org | https://www.freebsd.org/security/advisories/FreeBSD-SA-23:11.wifi.asc | ||
| cve@mitre.org | https://www.wi-fi.org/discover-wi-fi/passpoint | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | https://papers.mathyvanhoef.com/usenix2023-wifi.pdf | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0006 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.freebsd.org/security/advisories/FreeBSD-SA-23:11.wifi.asc | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.wi-fi.org/discover-wi-fi/passpoint | Not Applicable |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ieee:ieee_802.11:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA94FAA4-9BBF-402D-8B33-20A5E8AAFC5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz670_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1EB82E-91D7-4197-B762-56A5578FA269",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676DF3BF-7777-4FA9-8512-457FBA956F21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9369143D-4BA5-4A36-9CB5-9DF28F5FD071",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30E4118D-750F-4CB0-A47D-420B85331515",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz470_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46ED34C5-0DDC-4378-AC24-CC288FA6CC32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz470w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2ED33A-7AE7-4EA1-B4D4-524B5B3538D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz370_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E504C1-4E34-4CA3-B5A8-44A02D53E1E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz370w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC5202E-61D9-405D-91BD-E6037DBCB71D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz270_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1023D6-D82F-4E09-97B8-F7A57D6F7686",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz270w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "885DFDA5-2DB8-471A-B694-CAD5BEA96944",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31F6D757-D0EF-4450-985F-49B78F436667",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz600p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1114D0A0-516C-4A6D-B578-0D401C692542",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96F78C44-08CB-4AEF-AFEF-1ABCF62EF9F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz500w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDDC97A-3D6E-4B9E-B7C7-1281EFD09B5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz400_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AEAA71F-6BD8-4FE4-844D-080AF7B61DDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz400w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70DDAC21-91E2-4C49-9AD4-0B35D930042B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz350_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E19E36-07EB-4FE7-B4CD-8C1E8C116A27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz350w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AC214A-ADA4-4607-B1CD-D0D8FA450F88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B16351E-5793-40FA-8B3E-CABF8F709E1A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz300p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F6B06B-8220-438D-BF43-97A33C07EE13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz300w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBBB888A-F19B-4F7C-A2FD-01AA65F6FAD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:soho_250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B9134E3-57D4-40C4-B268-B952F249AF7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:soho_250w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0687F825-6F19-4227-B5F3-5E9DD0D4621B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicwave_231c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64ABCFAF-DB16-4EF1-98EC-DB7E5E757DC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:sonicwave_231c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57028B23-5593-4442-A746-2A248DEFB4EE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicwave_224w_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B840890-AC02-457D-9E67-FEC07EFEAE25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:sonicwave_224w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "911B549B-AA18-4018-8E9B-A46D032A7AD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicwave_432o_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "390D6FCD-3D04-4DFD-B8B6-DF2CD6E44087",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:sonicwave_432o:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45DE092E-A5B8-41B4-AF99-897E1F18DF1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicwave_621_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B3BB5E-325A-4B70-9209-253B18EF56EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:sonicwave_621:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD8FCD1-9A77-4120-A2EB-E2D8C7E7E006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicwave_641_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD0869CE-BF47-4243-96FD-CD51AC751CA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:sonicwave_641:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5CBFB2F-1BC7-411C-824F-6240CF289905",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicwave_681_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4134FE2-6A7D-41C9-A214-2CE0A59FC23D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:sonicwave_681:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDECE3D2-594C-4FC7-BC65-7813F7446B14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target\u0027s MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target\u0027s original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client\u0027s pairwise encryption key."
}
],
"id": "CVE-2022-47522",
"lastModified": "2024-11-21T07:32:08.453",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-15T02:15:07.290",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://papers.mathyvanhoef.com/usenix2023-wifi.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0006"
},
{
"source": "cve@mitre.org",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:11.wifi.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://www.wi-fi.org/discover-wi-fi/passpoint"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://papers.mathyvanhoef.com/usenix2023-wifi.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:11.wifi.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.wi-fi.org/discover-wi-fi/passpoint"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-290"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-08 02:15
Modified
2024-11-21 08:56
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.
This issue affects only firmware version SonicOS 7.1.1-7040.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | sonicos | 7.1.1-7040 | |
| sonicwall | nsa_2700 | - | |
| sonicwall | nsa_3700 | - | |
| sonicwall | nsa_4700 | - | |
| sonicwall | nsa_5700 | - | |
| sonicwall | nsa_6700 | - | |
| sonicwall | nssp_10700 | - | |
| sonicwall | nssp_11700 | - | |
| sonicwall | nssp_13700 | - | |
| sonicwall | nsv_270 | - | |
| sonicwall | nsv_470 | - | |
| sonicwall | nsv_870 | - | |
| sonicwall | t2270 | - | |
| sonicwall | tz270w | - | |
| sonicwall | tz370 | - | |
| sonicwall | tz370w | - | |
| sonicwall | tz470 | - | |
| sonicwall | tz470w | - | |
| sonicwall | tz570 | - | |
| sonicwall | tz570p | - | |
| sonicwall | tz570w | - | |
| sonicwall | tz670 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:7.1.1-7040:*:*:*:*:*:*:*",
"matchCriteriaId": "10C8F8FE-C22C-4CE0-86AE-D247042A41DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:t2270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB8E979-629B-48DF-BA96-40D9EF197732",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.\u00a0\n\nThis issue affects only firmware version SonicOS 7.1.1-7040.\n\n"
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad de autenticaci\u00f3n incorrecta en la funci\u00f3n SSL-VPN de SonicWall SonicOS, que en condiciones espec\u00edficas podr\u00eda permitir que un atacante remoto omita la autenticaci\u00f3n. Este problema afecta \u00fanicamente a la versi\u00f3n de firmware SonicOS 7.1.1-7040."
}
],
"id": "CVE-2024-22394",
"lastModified": "2024-11-21T08:56:11.347",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-02-08T02:15:07.620",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-27 17:15
Modified
2024-11-21 06:46
Severity ?
Summary
A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz300p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AFD3B4-E623-4E5E-B6E3-C868A904D099",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz300w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6146E0C8-C5BB-499D-A96D-F389005907A9",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz350_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11C184C3-B45C-463E-9EEE-93C809C3E30C",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz350w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20B993F6-86CC-4B12-A0FD-BED6D327AAF7",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_10700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52C0B074-3D97-49BB-A3FD-D316FBFE0F95",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_11700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59528209-07F4-461E-B120-5559D4E9DA90",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_12400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB28494B-45BC-4DA4-913C-6569A898AE01",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_12800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B77B8C4-AD73-4C26-91AE-BA66DEA21D11",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_13700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC1D781-9F63-4559-AB61-F22F09DCB915",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nssp_15700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA21425-8435-4BFB-A75C-E53B50AB54B7",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz370_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1FC1E2-9445-4563-9003-8110C5E811C3",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz370w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39DBBC2B-24CC-4CF6-A700-090BDC890E94",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03A6FF32-EDAF-4D5E-A365-F1C693498FD8",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FE24F88-E6D3-410F-814E-9C3E7F7B2AAD",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEAFEE2-A23A-47EF-B6C1-E0B554F173CD",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_1600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D85DE14-68AA-43EC-BECF-6E8CBC40AFAC",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76F5C662-A97A-4B1C-AEE9-08724F55B818",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_25_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34A382C1-EA35-44EC-B2EA-4740AA0F7BE5",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_270_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE753AE-26B3-4549-992A-AC80D578474C",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD008C6-6F0F-40FF-879B-8362DA326686",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60BA1C39-04C3-4652-B060-FFD96B3B1C93",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_470_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC2D35CB-BFDF-4661-880D-E3EC2576B6F9",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71DE0BAA-A331-4EA1-A66F-D641D6BF41E9",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C01396B-2F62-42F1-9FE8-A6E762C39269",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsv_870_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4633CAF-FD12-4AEF-A994-EED301A41AD0",
"versionEndExcluding": "7.0.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz400w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12BD7973-192B-42F7-B880-4E85714A4BDB",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz470_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC300FB0-6B64-4EBC-ACA3-50D3BE60C4A8",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz470w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28EB0A22-8096-4784-A1FB-670410EAD0B1",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B04CF80-5FA2-41B8-BD7C-39D498FEEDBF",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_2650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "507519D2-3CFF-48FD-AD9F-2B42DADE660A",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_2700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4944BF99-147C-4945-BA19-18C95309904B",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_3650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D064D1A1-DA21-45A1-BA38-519E7EBE5898",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "882B72E4-5141-4280-819E-C4A80E6A464C",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_4650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9757B0-B0AB-433F-8C85-A8F0CEE44D1F",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_4700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C893FD13-98CF-4C06-9D5E-5B08F3C88D5F",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_5650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE0BBF9-D363-4106-A805-F86637AFBBD8",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_5700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53DCED63-ADC3-4E82-BABA-D24F76C3DD17",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_6650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E16CA5E-1261-400F-A195-7FC44BBEDA68",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4273AA33-9129-49FA-9396-3BF0CF297422",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4AE1A6-0F7E-4F86-B3A1-484C1DD97092",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F74599-442F-4DE1-8BCF-FE38B159AEFA",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:nsa_9650_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06C19936-43F3-4348-9B08-F0897134D791",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz500w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABEA6F9B-3E58-42BA-848E-5BD84DC71E15",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6797D1EF-92E1-43E9-92EC-3779B7AAE9F9",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A454D4-6681-4492-948C-F85AFBB23F06",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz570w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4772E1B-F3B7-481F-8B96-980AA0936C74",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AC5E922-DAF7-4F21-96E2-9489387835B6",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz600p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3A0E77-C70F-4CA8-B35F-4F72A2D128CD",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:tz670_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D07D4B-7D7F-4F92-8746-737356F7446C",
"versionEndExcluding": "7.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el servicio SNMP de SonicOS resultando en una exposici\u00f3n de informaci\u00f3n confidencial a un usuario no autorizado"
}
],
"id": "CVE-2022-22276",
"lastModified": "2024-11-21T06:46:32.533",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-27T17:15:07.337",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:21
Severity ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer posterior a la autenticaci\u00f3n de SonicOS en los endpoint de URL sonicwall.exp, prefs.exp provoca una falla del firewall."
}
],
"id": "CVE-2023-41711",
"lastModified": "2024-11-21T08:21:31.477",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:12.027",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-23 07:15
Modified
2024-09-16 19:48
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
9.3 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Summary
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| PSIRT@sonicwall.com | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015 | Vendor Advisory |
Impacted products
{
"cisaActionDue": "2024-09-30",
"cisaExploitAdd": "2024-09-09",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "SonicWall SonicOS Improper Access Control Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37E20C47-F8DA-4313-B9AD-C63CEA9D42C5",
"versionEndExcluding": "5.9.2.14-13o",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:soho:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B6B3FD-428E-4D6C-8C45-172CF4FB430D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B16D102-B2BA-4F94-A42F-B8EB2E697907",
"versionEndExcluding": "6.5.2.8-2n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCBF16D6-4C60-440D-95AB-986ABC4F9100",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAFD6E22-8E19-4B5A-85DE-7850FE0AE7CF",
"versionEndExcluding": "6.5.4.15.116n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF991212-3F2C-4F54-B96C-C33F500DB77B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34814AB8-5F1D-44B4-B53B-FC4FA794DDAA",
"versionEndIncluding": "7.0.1-5035",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad de control de acceso inadecuado en el acceso de administraci\u00f3n de SonicWall SonicOS, que potencialmente conduce a un acceso no autorizado a recursos y, en condiciones espec\u00edficas, provoca que el firewall falle. Este problema afecta a los dispositivos SonicWall Firewall Gen 5 y Gen 6, as\u00ed como a los dispositivos Gen 7 que ejecutan SonicOS 7.0.1-5035 y versiones anteriores."
}
],
"id": "CVE-2024-40766",
"lastModified": "2024-09-16T19:48:30.827",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-08-23T07:15:03.643",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-20 09:15
Modified
2024-11-21 09:07
Severity ?
Summary
Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sonicwall | sonicos | * | |
| sonicwall | sonicos | * | |
| sonicwall | sonicos | * | |
| sonicwall | nsa_2700 | - | |
| sonicwall | nsa_3700 | - | |
| sonicwall | nsa_4700 | - | |
| sonicwall | nsa_5700 | - | |
| sonicwall | nsa_6700 | - | |
| sonicwall | nssp_10700 | - | |
| sonicwall | nssp_11700 | - | |
| sonicwall | nssp_13700 | - | |
| sonicwall | nsv_270 | - | |
| sonicwall | nsv_470 | - | |
| sonicwall | nsv_870 | - | |
| sonicwall | tz270 | - | |
| sonicwall | tz270w | - | |
| sonicwall | tz370 | - | |
| sonicwall | tz370w | - | |
| sonicwall | tz470 | - | |
| sonicwall | tz470w | - | |
| sonicwall | tz570 | - | |
| sonicwall | tz570p | - | |
| sonicwall | tz570w | - | |
| sonicwall | tz670 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE881F9C-CE9E-4D1B-92BA-D28B2B16178A",
"versionEndExcluding": "7.0.1-5161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC449BE-1EA7-42B9-BB33-4FF14A78D2B0",
"versionEndExcluding": "7.1.1-7058",
"versionStartIncluding": "7.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A859C784-32BA-43BC-97BC-120047A67EEC",
"versionEndExcluding": "7.1.2-7019",
"versionStartIncluding": "7.1.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow vulnerability in the SonicOS HTTP server allows an authenticated remote attacker to cause Denial of Service (DoS) via sscanf function."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer basada en pila en el servidor HTTP de SonicOS permite que un atacante remoto autenticado provoque una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de la funci\u00f3n sscanf."
}
],
"id": "CVE-2024-29012",
"lastModified": "2024-11-21T09:07:22.317",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-20T09:15:11.347",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0008"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-02 22:15
Modified
2024-11-21 07:38
Severity ?
Summary
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "680A1C61-AA45-4CA1-88F6-95EC0A275E41",
"versionEndExcluding": "7.0.1-5111",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C61C96E2-0679-4555-A5D6-75E1BE44CB1F",
"versionEndIncluding": "7.0.1-5083",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "715F6C7A-0A62-4261-8DD1-17F34AD5F710",
"versionEndIncluding": "6.5.4.4-44v-21-1551",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24C1B08A-B303-44F3-9285-1539588476BD",
"versionEndIncluding": "6.5.4.11-97n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD310CFE-1171-471A-8B29-A8974F06FF5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "462177B2-E0EC-494A-93A8-9582DCECC368",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm10200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96A9430-B9FC-48FE-8507-E7694F80EF5B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm10400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A515B0BE-3655-48A1-B113-9A4E39A40CE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm10800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40C227CA-D865-47CC-AD4D-96ED19892BDA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3547DE9C-A657-4AB6-AD00-5185BE7D227E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88DB2D0B-8199-4241-A826-4BD91AB5D4E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7079B7DB-CBC1-4116-929B-956C361AF764",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCBF16D6-4C60-440D-95AB-986ABC4F9100",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes."
}
],
"id": "CVE-2023-1101",
"lastModified": "2024-11-21T07:38:27.710",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-02T22:15:09.560",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:15
Severity ?
Summary
SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nSonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer de autenticaci\u00f3n posterior de SonicOS en los endpoints de URL sonicflow.csv y appflowsessions.csv provoca una falla del firewall."
}
],
"id": "CVE-2023-39277",
"lastModified": "2024-11-21T08:15:02.753",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:11.660",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:21
Severity ?
Summary
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.\n"
},
{
"lang": "es",
"value": "La vulnerabilidad de administraci\u00f3n de privilegios inadecuada posterior a la autenticaci\u00f3n de SonicOS en el t\u00fanel VPN SSL de SonicOS permite a los usuarios elevar sus privilegios dentro del t\u00fanel."
}
],
"id": "CVE-2023-41715",
"lastModified": "2024-11-21T08:21:31.977",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:12.227",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-17 23:15
Modified
2024-11-21 08:15
Severity ?
Summary
SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C",
"versionEndExcluding": "7.0.1-5145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C",
"versionEndExcluding": "6.5.4.4-44v-21-2340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119",
"versionEndExcluding": "6.5.4.13-105n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash."
},
{
"lang": "es",
"value": "La vulnerabilidad de desbordamiento del b\u00fafer basado posterior a la autenticaci\u00f3n de SonicOS en el endpoint de URL getPacketReplayData.json provoca una falla del firewall."
}
],
"id": "CVE-2023-39279",
"lastModified": "2024-11-21T08:15:03.063",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-17T23:15:11.790",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-12 23:15
Modified
2024-11-21 05:45
Severity ?
Summary
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| PSIRT@sonicwall.com | http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html | Exploit, Third Party Advisory, VDB Entry | |
| PSIRT@sonicwall.com | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7177725D-324A-49F2-B8CA-F20245917932",
"versionEndIncluding": "7.0.1-r1262",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A464BC2-6F17-4745-96D9-E6E11D757CC0",
"versionEndIncluding": "7.0.1-r1283",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8598D61-86DA-489E-A201-3816DDE140B9",
"versionEndIncluding": "7.0.1-r579",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1E5890-88A6-4932-B077-9A2BA77D74FA",
"versionEndIncluding": "6.5.4.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5A68BC-42AF-4F5A-8519-DCD232AEC0E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDDE20AC-E2E3-420A-B957-C525C9327CBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61B24C7-3133-4AAA-9C7F-9EC84303E79A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEF935-BC0B-4A7D-BB3C-72B68965383F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A5E010-6867-4F79-8F9E-674DED854580",
"versionEndIncluding": "6.5.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEF935-BC0B-4A7D-BB3C-72B68965383F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "351739EC-0DA2-4A53-901A-F75F87C7E903",
"versionEndIncluding": "6.0.5.3-94o",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58F52D4A-407B-44D8-BFE7-E8861E45B71F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A020A4-5395-4D59-B16C-D83FD8BC7BC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8338A3F2-1526-41CE-8A78-2717F77AB130",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2C3009-7B05-41B3-849E-DFBB8C79968D",
"versionEndIncluding": "5.9.1.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Redirecci\u00f3n de Encabezado de Host en SonicOS permite potencialmente a un atacante remoto redirigir a usuarios de la administraci\u00f3n del firewall a dominios web arbitrarios"
}
],
"id": "CVE-2021-20031",
"lastModified": "2024-11-21T05:45:49.147",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-12T23:15:07.727",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html"
},
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 05:45
Severity ?
Summary
A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B579C72A-7E3C-4289-B908-54777E4665EF",
"versionEndIncluding": "7.0.1-r146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF016251-1EC4-4513-981C-CF846CBB11A6",
"versionEndIncluding": "7.0.1-5023-1349",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2AC71A-1446-4448-88C0-30295BE95577",
"versionEndIncluding": "7.0.1-5018-r1715",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E45CB5A3-4D23-46F1-8712-22F70E43E40A",
"versionEndIncluding": "6.5.4.8-89n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5A68BC-42AF-4F5A-8519-DCD232AEC0E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDDE20AC-E2E3-420A-B957-C525C9327CBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B61B24C7-3133-4AAA-9C7F-9EC84303E79A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEF935-BC0B-4A7D-BB3C-72B68965383F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E0782E-7AA4-4569-920F-E8C94892C2E1",
"versionEndIncluding": "6.5.1.13-1n",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_9800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08CEF935-BC0B-4A7D-BB3C-72B68965383F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "351739EC-0DA2-4A53-901A-F75F87C7E903",
"versionEndIncluding": "6.0.5.3-94o",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58F52D4A-407B-44D8-BFE7-E8861E45B71F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A020A4-5395-4D59-B16C-D83FD8BC7BC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:supermassive_e10800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8338A3F2-1526-41CE-8A78-2717F77AB130",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83D659F7-8259-4AA8-B8F3-45923DFB29DE",
"versionEndIncluding": "5.9.1.13",
"versionStartIncluding": "5.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 5, Gen 6 and Gen 7 firmware versions."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer en la regi\u00f3n Stack de la memoria en el encabezado de respuesta HTTP Content-Length de SonicOS permite a un atacante remoto autenticado causar una Denegaci\u00f3n de Servicio (DoS) y potencialmente resultar en una ejecuci\u00f3n de c\u00f3digo en el firewall. Esta vulnerabilidad afecta a SonicOS versiones de firmware Gen 5, Gen 6 y Gen 7"
}
],
"id": "CVE-2021-20046",
"lastModified": "2024-11-21T05:45:50.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:16.537",
"references": [
{
"source": "PSIRT@sonicwall.com",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0027"
}
],
"sourceIdentifier": "PSIRT@sonicwall.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "PSIRT@sonicwall.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}