CVE-2023-39280

2023-10-1722:17:36

CWE-121

sonicwall

www.cve.org

cve-2023-39280

sonicos

stack-based buffer overflow

ssostats-s.xml

ssostats-s.wri

url endpoints

firewall crash

EPSS

Percentile

13.3%

JSON

SonicOS p

ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "modules": [
      "Management",
      "SSLVPN"
    ],
    "product": "SonicOS",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.1-5119 and earlier versions"
      },
      {
        "status": "affected",
        "version": "7.0.1-5129 and earlier versions"
      },
      {
        "status": "affected",
        "version": "6.5.4.4-44v-21-2079 and earlier versions"
      },
      {
        "status": "affected",
        "version": "6.5.4.12-101n and earlier versions"
      }
    ]
  }
]

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012

EPSS

Percentile

13.3%

JSON

Related for CVELIST:CVE-2023-39280