CVE-2018-9867

🗓️ 19 Feb 2019 21:00:00Reported by sonicwallType

SonicWall SonicOS allows unauthorized certificate downloa

Reporter	Title	Published	Views	Family All 6
CVE	CVE-2018-9867	19 Feb 201921:00	–	cve
EUVD	EUVD-2018-21459	7 Oct 202500:30	–	euvd
NVD	CVE-2018-9867	19 Feb 201921:29	–	nvd
OSV	CVE-2018-9867	19 Feb 201921:29	–	osv
Prion	Design/Logic Flaw	19 Feb 201921:29	–	prion
SonicWall	Administrators without full permissions can download imported certificates	15 Feb 201920:00	–	sonicwall

[
  {
    "product": "SonicOS",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "5.9.1.10 and earlier"
      },
      {
        "status": "affected",
        "version": "6.2.7.3"
      },
      {
        "status": "affected",
        "version": "6.5.1.3"
      },
      {
        "status": "affected",
        "version": "6.5.2.2"
      },
      {
        "status": "affected",
        "version": "6.5.3.1"
      },
      {
        "status": "affected",
        "version": "6.2.7.8"
      },
      {
        "status": "affected",
        "version": "6.4.0.0"
      },
      {
        "status": "affected",
        "version": "6.5.1.8"
      },
      {
        "status": "affected",
        "version": "6.0.5.3-86o"
      }
    ]
  },
  {
    "product": "SonicOSv",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "6.5.0.2-8v_RC363 (VMWARE)"
      },
      {
        "status": "affected",
        "version": "6.5.0.2.8v_RC367 (AZURE)"
      },
      {
        "status": "affected",
        "version": "6.5.0.2.8v_RC368 (AWS)"
      },
      {
        "status": "affected",
        "version": "6.5.0.2.8v_RC366 (HYPER_V)"
      }
    ]
  }
]

Source	Link
tenable	www.tenable.com/security/research/tra-2019-08
psirt	www.psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0017

02 Apr 2019 17:20Current

5.5Medium risk

Vulners AI Score5.5

EPSS0.00022

CWE-285