Lucene search

SonicwallCVE-2024-29013

HistoryJun 20, 2024 - 9:15 a.m.

CVE-2024-29013

2024-06-2009:15:11

CWE-787

CWE-122

sonicwall

web.nvd.nist.gov

sonicos

ssl-vpn

buffer overflow

dos

memcpy

cve-2024-29013

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

Percentile

14.0%

JSON

Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service (DoS) via memcpy function.

Affected configurations

Nvd

Node

sonicwallsonicosRange<7.0.1-5161

sonicwallsonicosRange7.1.1–7.1.1-7058

sonicwallsonicosRange7.1.2–7.1.2-7019

AND

sonicwallnsa_2700Match-

sonicwallnsa_3700Match-

sonicwallnsa_4700Match-

sonicwallnsa_5700Match-

sonicwallnsa_6700Match-

sonicwallnssp_10700Match-

sonicwallnssp_11700Match-

sonicwallnssp_13700Match-

sonicwallnsv_270Match-

sonicwallnsv_470Match-

sonicwallnsv_870Match-

sonicwalltz270Match-

sonicwalltz270wMatch-

sonicwalltz370Match-

sonicwalltz370wMatch-

sonicwalltz470Match-

sonicwalltz470wMatch-

sonicwalltz570Match-

sonicwalltz570pMatch-

sonicwalltz570wMatch-

sonicwalltz670Match-

VendorProductVersionCPE
sonicwallsonicos*cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
sonicwallnsa_2700-cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*
sonicwallnsa_3700-cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*
sonicwallnsa_4700-cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*
sonicwallnsa_5700-cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*
sonicwallnsa_6700-cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*
sonicwallnssp_10700-cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*
sonicwallnssp_11700-cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*
sonicwallnssp_13700-cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*
sonicwallnsv_270-cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sonicwall	sonicos	*	cpe:2.3:o:sonicwall:sonicos::::::::
sonicwall	nsa_2700	-	cpe:2.3:h:sonicwall:nsa_2700:-:::::::*
sonicwall	nsa_3700	-	cpe:2.3:h:sonicwall:nsa_3700:-:::::::*
sonicwall	nsa_4700	-	cpe:2.3:h:sonicwall:nsa_4700:-:::::::*
sonicwall	nsa_5700	-	cpe:2.3:h:sonicwall:nsa_5700:-:::::::*
sonicwall	nsa_6700	-	cpe:2.3:h:sonicwall:nsa_6700:-:::::::*
sonicwall	nssp_10700	-	cpe:2.3:h:sonicwall:nssp_10700:-:::::::*
sonicwall	nssp_11700	-	cpe:2.3:h:sonicwall:nssp_11700:-:::::::*
sonicwall	nssp_13700	-	cpe:2.3:h:sonicwall:nssp_13700:-:::::::*
sonicwall	nsv_270	-	cpe:2.3:h:sonicwall:nsv_270:-:::::::*

Rows per page:

1-10 of 221

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "platforms": [
      "Gen7"
    ],
    "product": "SonicOS",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "7.1.1-7051 and earlier versions"
      }
    ]
  }
]

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0009

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

Percentile

14.0%

JSON

Related for CVE-2024-29013