10 matches found
CVE-2013-1359
CPU : CVE-2013-1359 describes an authentication bypass in Dell SonicWALL products (Analyzer, GMS, UMA, ViewPoint) where the skipSessionCheck parameter to the UMA interface (/appliance/) can be set to 1 to bypass login and access root. Affected products include SonicWALL ViewPoint, Analyzer, GMS (...
CVE-2014-0332
Affected software : Dell SonicWALL GMS, SonicWALL Analyzer, and SonicWALL UMA E5000 (all before 7.1 SP2). Vulnerability : Cross-site scripting (XSS) in mainPage via the node_id parameter of ScreenDisplayManager genNetwork action (input not properly sanitized). Impact : Remote attackers can inject...
CVE-2015-3990
CVE-2015-3990 affects the Dell SonicWall GMS suite (GMS ViewPoint web app) on GMS, Analyzer, and UMA EM5000 prior to 7.2 SP4. Affected component: GMSVP web application; vulnerability enables remote authenticated users to execute arbitrary commands via configuration-related input handling. Root ca...
CVE-2018-5691
The CVE-2018-5691 entry concerns Dell SonicWall Global Management System (GMS) v8.1. Affected component: the /sgms/TreeControl module; vulnerability type: Cross-Site Scripting (XSS) via the values of newName and Name. Root cause is an input handling flaw that allows malicious script injection thr...
CVE-2013-1360
This CVE affects DELL SonicWALL GMS, Analyzer, UMA, and ViewPoint products. A crafted request to the SGMS interface (/sgms/) allows an unauthenticated remote attacker to bypass authentication and gain full administrative access to the web interface, potentially compromising all managed appliances...
CVE-2014-5024
CVE-2014-5024 is a cross-site scripting (XSS) vulnerability in Dell SonicWALL GMS, Analyzer, and UMA, affecting the sgms/panelManager component. The issue allows remote attackers to inject arbitrary web script or HTML via the node_id parameter. The vulnerability is described in several connected ...
CVE-2014-8420
CVE-2014-8420 affects Dell SonicWALL GMS suite: ViewPoint web application in GMS, SonicWALL Analyzer, and SonicWALL UMA up to version 7.2 SP2. The vulnerability is a remote code execution flaw in the ViewPoint component, arising from insufficient input/config handling, allowing a remote authentic...
CVE-2016-2397
The CVE-2016-2397 entry concerns the cliserver component in Dell SonicWALL GMS, Analyzer, and UMA EM5000 (versions 7.2, 8.0, 8.1 prior to Hotfix 168056). The vulnerability allows remote attackers to deserialize XML data and execute arbitrary Java code on affected systems. The underlying issue is ...
CVE-2013-7025
CVE-2013-7025 describes multiple XSS vulnerabilities in ematStaticAlertTypes.jsp within the Alert Settings area of Dell SonicWALL Global Management System (GMS), SonicWALL Analyzer, and UMA EM5000 7.1 SP1 prior to Hotfix 134235. The underlying issue is reflected/stored XSS via the parameters valf...
CVE-2016-2396
CVE-2016-2396 affects Dell SonicWALL GMS ViewPoint (GMSVP) web app used by Dell SonicWALL GMS/Analyzer/UMA EM5000 versions 7.2, 8.0, 8.1 prior to Hotfix 168056. Affected component is the GMSVP web interface where input in configuration fields is not safely sanitized, allowing a remote authenticat...