VAR-200212-0858
Vulnerability from variot - Updated: 2023-12-18 11:53Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. The Sonicwall SOHO3 is an Internet security appliance that provides firewall security solutions. Reportedly, a vulnerability exists in the product that allows for a script injection attack to be launched from a malicious user within the internal LAN. It is possible to configure Sonicwall to block domains from a list of user entered domains. Sonicwall will deny local users access to the websites that have been blocked. Attempts to access blocked domains will be entered into the log files of Sonicwall. An administrator viewing the log files will automatically cause the malicious script code execute. If the attacker's script code is injected into the logfile then the administrator will not be able to access the log normally. To regain access to the logs the appliance will need to be rebooted. It should be noted that rebooting the appliance will cause the logs to be cleared and will effectively eliminate any indication in the logs of which user initiated the attack. It is possible for a malicious remote user to exploit this issue by crafting a URL of a known blocked domain that includes script code, and enticing a local user into following the link
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0858",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "soho3",
"scope": "eq",
"trust": 1.6,
"vendor": "sonicwall",
"version": "6.3.0.0"
},
{
"model": "soho",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "6.3.0.0"
}
],
"sources": [
{
"db": "BID",
"id": "4755"
},
{
"db": "NVD",
"id": "CVE-2002-2341"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:sonicwall:soho3:6.3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2341"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Credited to \"E M\" \u003crdnktrk@hotmail.com\u003e.",
"sources": [
{
"db": "BID",
"id": "4755"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
],
"trust": 0.9
},
"cve": "CVE-2002-2341",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-6724",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-2341",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-799",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6724",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6724"
},
{
"db": "NVD",
"id": "CVE-2002-2341"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. The Sonicwall SOHO3 is an Internet security appliance that provides firewall security solutions. \nReportedly, a vulnerability exists in the product that allows for a script injection attack to be launched from a malicious user within the internal LAN. \nIt is possible to configure Sonicwall to block domains from a list of user entered domains. Sonicwall will deny local users access to the websites that have been blocked. Attempts to access blocked domains will be entered into the log files of Sonicwall. An administrator viewing the log files will automatically cause the malicious script code execute. \nIf the attacker\u0027s script code is injected into the logfile then the administrator will not be able to access the log normally. To regain access to the logs the appliance will need to be rebooted. It should be noted that rebooting the appliance will cause the logs to be cleared and will effectively eliminate any indication in the logs of which user initiated the attack. \nIt is possible for a malicious remote user to exploit this issue by crafting a URL of a known blocked domain that includes script code, and enticing a local user into following the link",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2341"
},
{
"db": "BID",
"id": "4755"
},
{
"db": "VULHUB",
"id": "VHN-6724"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-6724",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6724"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4755",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-2341",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200212-799",
"trust": 0.7
},
{
"db": "XF",
"id": "3",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-75279",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "21453",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-6724",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6724"
},
{
"db": "BID",
"id": "4755"
},
{
"db": "NVD",
"id": "CVE-2002-2341"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
]
},
"id": "VAR-200212-0858",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6724"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:53:22.785000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6724"
},
{
"db": "NVD",
"id": "CVE-2002-2341"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4755"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9103.php"
},
{
"trust": 1.1,
"url": "http://online.securityfocus.com/archive/1/272935"
},
{
"trust": 0.3,
"url": "http://www.sonicwall.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6724"
},
{
"db": "BID",
"id": "4755"
},
{
"db": "NVD",
"id": "CVE-2002-2341"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6724"
},
{
"db": "BID",
"id": "4755"
},
{
"db": "NVD",
"id": "CVE-2002-2341"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6724"
},
{
"date": "2002-05-17T00:00:00",
"db": "BID",
"id": "4755"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2341"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6724"
},
{
"date": "2002-05-17T00:00:00",
"db": "BID",
"id": "4755"
},
{
"date": "2008-09-05T20:32:58.430000",
"db": "NVD",
"id": "CVE-2002-2341"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SonicWall SOHO3 Content Blocking Script Injection Vulnerability",
"sources": [
{
"db": "BID",
"id": "4755"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-799"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…