Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Vulnerabilities fixed in Sonicwall

🗓️ 22 Aug 2023 00:00:00Reported by NCSCType 
ncsc
 ncsc🔗 advisories.ncsc.nl👁 4 Views

SonicWall fixed vulnerabilities in Global Management System and Analytics with updates addressing data manipulation, authentication bypass, and remote code execution.

Related
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2023-34127
13 Jul 202300:00
attackerkb
BDU FSTEC		The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System’s global network gateways, related to the lack of protection for administrative data, allows a hacker to read the administrator’s password hash.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System’s global network gateways, related to incorrect path name restrictions, allows attackers to read arbitrary files.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System’s global network gateways, which stems from the lack of restrictions on file downloads, allows attackers to upload files to the privileged file system.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System’s global network gateways is due to an incorrect restriction on the path to the restricted access directory. This allows attackers to read arbitrary files from the root privileged filesystem.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System (GMS) global network firewall system lies in the lack of restrictions on file downloads, which allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System (GMS) global network firewall management system lies in the lack of protection for the SQL query structure, which allows attackers to exploit the protected information.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of SonicWall Analytics’ analytical service and the SonicWall Global Management System’s global network gateways, which exists due to the failure to take measures to neutralize special elements used in the operating system, allows attackers to execute arbitrary code with root privileges.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System (GMS) global network firewall management system lies in the lack of protection for operational data, allowing attackers to gain unauthorized access to protected information.
26 Jul 202300:00
bdu_fstec
BDU FSTEC		The vulnerability of the SonicWall Analytics analytical service and the SonicWall Global Management System (GMS) global network firewall management system, related to the ability to bypass authentication due to a fundamental error, allows attackers to enhance their privileges.
26 Jul 202300:00
bdu_fstec
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
22 Aug 2023 00:00Current
8.2High risk
Vulners AI Score8.2
CVSS 3.19.8
EPSS0.91322
SSVC
SonicWall updatesGlobal Management SystemAnalyticsdata manipulationauthentication bypasssecurity circumventionremote code executionSQL injectionsystem data access
4