Gms Security Vulnerabilities and Issues — Gms CVE List

Lucene search

SonicwallGms

5 matches found

CVE•added 2023/07/13 3:15 a.m.•156 views

CVE-2023-34133

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5...

7.5CVSS8.7AI score0.85346EPSS

CVE•added 2023/07/13 12:15 a.m.•155 views

CVE-2023-34123

Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

7.5CVSS8AI score0.00099EPSS

CVE•added 2022/10/13 11:15 a.m.•46 views

CVE-2021-20030

SonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containing application's binaries and configuration files.

7.5CVSS7.7AI score0.00581EPSS

CVE•added 2024/05/01 6:15 p.m.•38 views

CVE-2024-29010

The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE) injection, potentially resulting in the disclosure of sensitive information. This issue affects GMS: 9.3.4 and earlier versions.

7.1CVSS6.8AI score0.00064EPSS

CVE•added 2024/05/01 7:15 p.m.•38 views

CVE-2024-29011

Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability. This issue affects GMS: 9.3.4 and earlier versions.

7.5CVSS7.8AI score0.00035EPSS