cvelistv5 - cve-2024-45316

CVE-2024-45316 (GCVE-0-2024-45316)

Vulnerability from cvelistv5 – Published: 2024-10-11 08:20 – Updated: 2024-10-11 15:38

Summary

The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Assigner

sonicwall

References

URL

Tags

https://psirt.global.sonicwall.com/vuln-detail/SN…

vendor-advisory

Impacted products

	Vendor	Product	Version
	SonicWall	Connect Tunnel	Affected: 12.4.3.271 and earlier versions

Credits

Hashim Jawad (@ihack4falafel) through Trend Micro (Zero Day Initiative)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:sonicwall:connect_tunnel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "connect_tunnel",
            "vendor": "sonicwall",
            "versions": [
              {
                "lessThan": "12.4.3.271",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-45316",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-11T15:35:14.195681Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-11T15:38:20.692Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "platforms": [
            "Windows"
          ],
          "product": "Connect Tunnel",
          "vendor": "SonicWall",
          "versions": [
            {
              "status": "affected",
              "version": "12.4.3.271 and earlier versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Hashim Jawad (@ihack4falafel) through Trend Micro (Zero Day Initiative)"
        }
      ],
      "datePublic": "2024-10-11T08:18:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The Improper link resolution before file access (\u0027Link Following\u0027) vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack."
            }
          ],
          "value": "The Improper link resolution before file access (\u0027Link Following\u0027) vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-11T08:20:57.727Z",
        "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
        "shortName": "sonicwall"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017"
        }
      ],
      "source": {
        "advisory": "SNWLID-2024-0017",
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
    "assignerShortName": "sonicwall",
    "cveId": "CVE-2024-45316",
    "datePublished": "2024-10-11T08:20:57.727Z",
    "dateReserved": "2024-08-26T20:20:45.693Z",
    "dateUpdated": "2024-10-11T15:38:20.692Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Improper link resolution before file access (\u0027Link Following\u0027) vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.\"}, {\"lang\": \"es\", \"value\": \"La vulnerabilidad de resoluci\\u00f3n de enlace incorrecta antes del acceso al archivo (\u0027Seguimiento de enlace\u0027) en SonicWall Connect Tunnel (versi\\u00f3n 12.4.3.271 y anteriores del cliente de Windows) permite a los usuarios con privilegios est\\u00e1ndar eliminar carpetas y archivos arbitrarios, lo que potencialmente conduce a un ataque de escalada de privilegios locales.\"}]",
      "id": "CVE-2024-45316",
      "lastModified": "2024-10-15T12:58:51.050",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
      "published": "2024-10-11T13:15:16.010",
      "references": "[{\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017\", \"source\": \"PSIRT@sonicwall.com\"}]",
      "sourceIdentifier": "PSIRT@sonicwall.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"PSIRT@sonicwall.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-59\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-45316\",\"sourceIdentifier\":\"PSIRT@sonicwall.com\",\"published\":\"2024-10-11T13:15:16.010\",\"lastModified\":\"2024-10-15T12:58:51.050\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Improper link resolution before file access (\u0027Link Following\u0027) vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de resoluci\u00f3n de enlace incorrecta antes del acceso al archivo (\u0027Seguimiento de enlace\u0027) en SonicWall Connect Tunnel (versi\u00f3n 12.4.3.271 y anteriores del cliente de Windows) permite a los usuarios con privilegios est\u00e1ndar eliminar carpetas y archivos arbitrarios, lo que potencialmente conduce a un ataque de escalada de privilegios locales.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"PSIRT@sonicwall.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-59\"}]}],\"references\":[{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017\",\"source\":\"PSIRT@sonicwall.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unknown\", \"platforms\": [\"Windows\"], \"product\": \"Connect Tunnel\", \"vendor\": \"SonicWall\", \"versions\": [{\"status\": \"affected\", \"version\": \"12.4.3.271 and earlier versions\"}]}], \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Hashim Jawad (@ihack4falafel) through Trend Micro (Zero Day Initiative)\"}], \"datePublic\": \"2024-10-11T08:18:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"The Improper link resolution before file access (\u0027Link Following\u0027) vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.\"}], \"value\": \"The Improper link resolution before file access (\u0027Link Following\u0027) vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.\"}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-59\", \"description\": \"CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"44b2ff79-1416-4492-88bb-ed0da00c7315\", \"shortName\": \"sonicwall\", \"dateUpdated\": \"2024-10-11T08:20:57.727Z\"}, \"references\": [{\"tags\": [\"vendor-advisory\"], \"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017\"}], \"source\": {\"advisory\": \"SNWLID-2024-0017\", \"discovery\": \"EXTERNAL\"}, \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-45316\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-11T15:35:14.195681Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:sonicwall:connect_tunnel:*:*:*:*:*:*:*:*\"], \"vendor\": \"sonicwall\", \"product\": \"connect_tunnel\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"12.4.3.271\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-11T15:37:58.845Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-45316\", \"assignerOrgId\": \"44b2ff79-1416-4492-88bb-ed0da00c7315\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"sonicwall\", \"dateReserved\": \"2024-08-26T20:20:45.693Z\", \"datePublished\": \"2024-10-11T08:20:57.727Z\", \"dateUpdated\": \"2024-10-11T15:38:20.692Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

WID-SEC-W-2024-3150

Vulnerability from csaf_certbund - Published: 2024-10-10 22:00 - Updated: 2024-12-01 23:00

Summary

SonicWall SMA: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

SonicWall SMA ist ein Secure Access Gateway, mit dem Organisationen Zugang zu geschäftskritischen Unternehmensressourcen bereitstellen können.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in SonicWall SMA ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, seine Privilegien zu erhöhen oder um Sicherheitsmaßnahmen zu umgehen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "SonicWall SMA ist ein Secure Access Gateway, mit dem Organisationen Zugang zu gesch\u00e4ftskritischen Unternehmensressourcen bereitstellen k\u00f6nnen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in SonicWall SMA ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, seine Privilegien zu erh\u00f6hen oder um Sicherheitsma\u00dfnahmen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3150 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3150.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3150 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3150"
      },
      {
        "category": "external",
        "summary": "SonicWall Security Advisory vom 2024-10-10",
        "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017"
      }
    ],
    "source_lang": "en-US",
    "title": "SonicWall SMA: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-12-01T23:00:00.000+00:00",
      "generator": {
        "date": "2024-12-02T11:33:56.321+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-3150",
      "initial_release_date": "2024-10-10T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-10-10T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-12-01T23:00:00.000+00:00",
          "number": "2",
          "summary": "Korrektur Plattformauswahl"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "1000 Connect Tunnel \u003c12.4.3.281",
                "product": {
                  "name": "SonicWall SMA 1000 Connect Tunnel \u003c12.4.3.281",
                  "product_id": "T038251"
                }
              },
              {
                "category": "product_version",
                "name": "1000 Connect Tunnel 12.4.3.281",
                "product": {
                  "name": "SonicWall SMA 1000 Connect Tunnel 12.4.3.281",
                  "product_id": "T038251-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:sonicwall:secure_mobile_access:1000_connect_tunnel__12.4.3.281"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "1000 Platform \u003c12.4.3-02758",
                "product": {
                  "name": "SonicWall SMA 1000 Platform \u003c12.4.3-02758",
                  "product_id": "T038252"
                }
              },
              {
                "category": "product_version",
                "name": "1000 Platform 12.4.3-02758",
                "product": {
                  "name": "SonicWall SMA 1000 Platform 12.4.3-02758",
                  "product_id": "T038252-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:sonicwall:secure_mobile_access:1000_platform__12.4.3-02758"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SMA"
          }
        ],
        "category": "vendor",
        "name": "SonicWall"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-45315",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in SonicWall SMA. Dieser Fehler existiert wegen eines Link-Following-Problems in der Komponente Connect Tunnel, das die Erstellung beliebiger Ordner und Dateien erm\u00f6glicht. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038251",
          "T038252"
        ]
      },
      "release_date": "2024-10-10T22:00:00.000+00:00",
      "title": "CVE-2024-45315"
    },
    {
      "cve": "CVE-2024-45316",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in SonicWall SMA. Dieser Fehler existiert wegen eines Link-Following-Problems in der Komponente Connect Tunnel, das das L\u00f6schen beliebiger Ordner und Dateien erm\u00f6glicht. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erh\u00f6hen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038251",
          "T038252"
        ]
      },
      "release_date": "2024-10-10T22:00:00.000+00:00",
      "title": "CVE-2024-45316"
    },
    {
      "cve": "CVE-2024-45317",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in SonicWall SMA. Dieser Fehler existiert wegen eines Server-Side Request Forgery-Problems in der Komponente Connect Tunnel, das es erm\u00f6glicht, die serverseitige Anwendung zu zwingen, Anfragen an eine unbeabsichtigte IP-Adresse zu stellen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T038251",
          "T038252"
        ]
      },
      "release_date": "2024-10-10T22:00:00.000+00:00",
      "title": "CVE-2024-45317"
    }
  ]
}

CERTFR-2024-AVI-0867

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits SonicWall. Elles permettent à un attaquant de provoquer une élévation de privilèges, un contournement de la politique de sécurité et un déni de service.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Sonicwall	Secure Mobile Access	SMA1000 Appliance versions antérieures à 12.4.3-02758
	Sonicwall	Secure Mobile Access	Client SMA1000 Connect Tunnel Windows (32 et 64 bits) versions antérieures à 12.4.3.281

References

Title

Publication Time

Tags

Bulletin de sécurité SonicWall SNWLID-2024-0017

2024-10-10

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SMA1000 Appliance versions ant\u00e9rieures \u00e0 12.4.3-02758",
      "product": {
        "name": "Secure Mobile Access",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    },
    {
      "description": "Client SMA1000 Connect Tunnel Windows (32 et 64 bits) versions ant\u00e9rieures \u00e0 12.4.3.281",
      "product": {
        "name": "Secure Mobile Access",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-45317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45317"
    },
    {
      "name": "CVE-2024-45316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45316"
    },
    {
      "name": "CVE-2024-45315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45315"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0867",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-10-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SonicWall. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un contournement de la politique de s\u00e9curit\u00e9 et un d\u00e9ni de service.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SonicWall",
  "vendor_advisories": [
    {
      "published_at": "2024-10-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SonicWall SNWLID-2024-0017",
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017"
    }
  ]
}

CERTFR-2024-AVI-0867

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Sonicwall	Secure Mobile Access	SMA1000 Appliance versions antérieures à 12.4.3-02758
	Sonicwall	Secure Mobile Access	Client SMA1000 Connect Tunnel Windows (32 et 64 bits) versions antérieures à 12.4.3.281

References

Title

Publication Time

Tags

Bulletin de sécurité SonicWall SNWLID-2024-0017

2024-10-10

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SMA1000 Appliance versions ant\u00e9rieures \u00e0 12.4.3-02758",
      "product": {
        "name": "Secure Mobile Access",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    },
    {
      "description": "Client SMA1000 Connect Tunnel Windows (32 et 64 bits) versions ant\u00e9rieures \u00e0 12.4.3.281",
      "product": {
        "name": "Secure Mobile Access",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-45317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45317"
    },
    {
      "name": "CVE-2024-45316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45316"
    },
    {
      "name": "CVE-2024-45315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45315"
    }
  ],
  "links": [],
  "reference": "CERTFR-2024-AVI-0867",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2024-10-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SonicWall. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un contournement de la politique de s\u00e9curit\u00e9 et un d\u00e9ni de service.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SonicWall",
  "vendor_advisories": [
    {
      "published_at": "2024-10-10",
      "title": "Bulletin de s\u00e9curit\u00e9 SonicWall SNWLID-2024-0017",
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017"
    }
  ]
}

GHSA-6VWQ-GG49-HJ9W

Vulnerability from github – Published: 2024-10-11 15:30 – Updated: 2024-10-12 00:30

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-45316"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-11T13:15:16Z",
    "severity": "HIGH"
  },
  "details": "The Improper link resolution before file access (\u0027Link Following\u0027) vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.",
  "id": "GHSA-6vwq-gg49-hj9w",
  "modified": "2024-10-12T00:30:47Z",
  "published": "2024-10-11T15:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45316"
    },
    {
      "type": "WEB",
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2024-45316

Vulnerability from fkie_nvd - Published: 2024-10-11 13:15 - Updated: 2024-10-15 12:58

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	PSIRT@sonicwall.com	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Improper link resolution before file access (\u0027Link Following\u0027) vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad de resoluci\u00f3n de enlace incorrecta antes del acceso al archivo (\u0027Seguimiento de enlace\u0027) en SonicWall Connect Tunnel (versi\u00f3n 12.4.3.271 y anteriores del cliente de Windows) permite a los usuarios con privilegios est\u00e1ndar eliminar carpetas y archivos arbitrarios, lo que potencialmente conduce a un ataque de escalada de privilegios locales."
    }
  ],
  "id": "CVE-2024-45316",
  "lastModified": "2024-10-15T12:58:51.050",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-11T13:15:16.010",
  "references": [
    {
      "source": "PSIRT@sonicwall.com",
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017"
    }
  ],
  "sourceIdentifier": "PSIRT@sonicwall.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ],
      "source": "PSIRT@sonicwall.com",
      "type": "Secondary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-45316 (GCVE-0-2024-45316)

WID-SEC-W-2024-3150

CERTFR-2024-AVI-0867

Solutions

CERTFR-2024-AVI-0867

Solutions

GHSA-6VWQ-GG49-HJ9W

FKIE_CVE-2024-45316

Tags

Sightings

Nomenclature