Lucene search

[email protected]NVD:CVE-2023-0126

HistoryJan 19, 2023 - 8:15 p.m.

CVE-2023-0126

2023-01-1920:15:10

CWE-22

[email protected]

web.nvd.nist.gov

vulnerability

pre-authentication

path traversal

sma1000

firmware

version 12.4.2

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.6

Confidence

High

EPSS

0.166

Percentile

96.1%

JSON

Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory.

Affected configurations

Nvd

Node

sonicwallsma1000Match-

AND

sonicwallsma1000_firmwareMatch12.4.2

VendorProductVersionCPE
sonicwallsma1000-cpe:2.3:h:sonicwall:sma1000:-:*:*:*:*:*:*:*
sonicwallsma1000_firmware12.4.2cpe:2.3:o:sonicwall:sma1000_firmware:12.4.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sonicwall	sma1000	-	cpe:2.3:h:sonicwall:sma1000:-:::::::*
sonicwall	sma1000_firmware	12.4.2	cpe:2.3:o:sonicwall:sma1000_firmware:12.4.2:::::::*

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0001

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.6

Confidence

High

EPSS

0.166

Percentile

96.1%

JSON

Related for NVD:CVE-2023-0126

prion1 cvelist1 cve1 nuclei1