Lucene search
K
SonicwallAnalyzer

10 matches found

CVE
CVE
added 2020/02/11 4:42 p.m.74 views

CVE-2013-1359

CPU : CVE-2013-1359 describes an authentication bypass in Dell SonicWALL products (Analyzer, GMS, UMA, ViewPoint) where the skipSessionCheck parameter to the UMA interface (/appliance/) can be set to 1 to bypass login and access root. Affected products include SonicWALL ViewPoint, Analyzer, GMS (...

10CVSS9.1AI score0.89402EPSS
Web
CVE
CVE
added 2014/02/14 4:0 p.m.71 views

CVE-2014-0332

Affected software : Dell SonicWALL GMS, SonicWALL Analyzer, and SonicWALL UMA E5000 (all before 7.1 SP2). Vulnerability : Cross-site scripting (XSS) in mainPage via the node_id parameter of ScreenDisplayManager genNetwork action (input not properly sanitized). Impact : Remote attackers can inject...

4.3CVSS5.8AI score0.02761EPSS
Web
CVE
CVE
added 2015/05/20 6:0 p.m.60 views

CVE-2015-3990

CVE-2015-3990 affects the Dell SonicWall GMS suite (GMS ViewPoint web app) on GMS, Analyzer, and UMA EM5000 prior to 7.2 SP4. Affected component: GMSVP web application; vulnerability enables remote authenticated users to execute arbitrary commands via configuration-related input handling. Root ca...

9CVSS7.4AI score0.02723EPSS
CVE
CVE
added 2018/01/14 4:0 a.m.54 views

CVE-2018-5691

The CVE-2018-5691 entry concerns Dell SonicWall Global Management System (GMS) v8.1. Affected component: the /sgms/TreeControl module; vulnerability type: Cross-Site Scripting (XSS) via the values of newName and Name. Root cause is an input handling flaw that allows malicious script injection thr...

5.4CVSS5.2AI score0.00708EPSS
Web
CVE
CVE
added 2020/02/11 3:44 p.m.52 views

CVE-2013-1360

This CVE affects DELL SonicWALL GMS, Analyzer, UMA, and ViewPoint products. A crafted request to the SGMS interface (/sgms/) allows an unauthenticated remote attacker to bypass authentication and gain full administrative access to the web interface, potentially compromising all managed appliances...

10CVSS9AI score0.23211EPSS
Web
CVE
CVE
added 2014/07/24 2:0 p.m.49 views

CVE-2014-5024

CVE-2014-5024 is a cross-site scripting (XSS) vulnerability in Dell SonicWALL GMS, Analyzer, and UMA, affecting the sgms/panelManager component. The issue allows remote attackers to inject arbitrary web script or HTML via the node_id parameter. The vulnerability is described in several connected ...

4.3CVSS5.9AI score0.01627EPSS
CVE
CVE
added 2014/11/25 3:0 p.m.48 views

CVE-2014-8420

CVE-2014-8420 affects Dell SonicWALL GMS suite: ViewPoint web application in GMS, SonicWALL Analyzer, and SonicWALL UMA up to version 7.2 SP2. The vulnerability is a remote code execution flaw in the ViewPoint component, arising from insufficient input/config handling, allowing a remote authentic...

9CVSS7.5AI score0.23987EPSS
CVE
CVE
added 2016/02/17 3:0 p.m.46 views

CVE-2016-2397

The CVE-2016-2397 entry concerns the cliserver component in Dell SonicWALL GMS, Analyzer, and UMA EM5000 (versions 7.2, 8.0, 8.1 prior to Hotfix 168056). The vulnerability allows remote attackers to deserialize XML data and execute arbitrary Java code on affected systems. The underlying issue is ...

10CVSS9.6AI score0.06437EPSS
CVE
CVE
added 2013/12/09 11:0 a.m.45 views

CVE-2013-7025

CVE-2013-7025 describes multiple XSS vulnerabilities in ematStaticAlertTypes.jsp within the Alert Settings area of Dell SonicWALL Global Management System (GMS), SonicWALL Analyzer, and UMA EM5000 7.1 SP1 prior to Hotfix 134235. The underlying issue is reflected/stored XSS via the parameters valf...

3.5CVSS5.5AI score0.04337EPSS
Web
CVE
CVE
added 2016/02/17 3:0 p.m.44 views

CVE-2016-2396

CVE-2016-2396 affects Dell SonicWALL GMS ViewPoint (GMSVP) web app used by Dell SonicWALL GMS/Analyzer/UMA EM5000 versions 7.2, 8.0, 8.1 prior to Hotfix 168056. Affected component is the GMSVP web interface where input in configuration fields is not safely sanitized, allowing a remote authenticat...

9.9CVSS9.2AI score0.04746EPSS