CVE-2023-6340
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
SonicWall Capture Client version 3.7.10,Β NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| sonicwall:capture_client | sonicwall capture client | le | 3.7.10 |
| sonicwall:netextender | sonicwall netextender | le | 10.2.337 |
CNA Affected
[
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Capture Client",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "3.7.10 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Windows",
"64 bit",
"32 bit"
],
"product": "NetExtender",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.2.337 and earlier versions"
}
]
}
]Social References
More
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%