Lucene search
SonicwallVULNRICHMENT:CVE-2024-40766HistoryAug 23, 2024 - 6:19 a.m.
CVE-2024-40766
2024-08-2306:19:07
CWE-284
sonicwall
github.com
38
improper access control
sonicwall sonicos
unauthorized access
firewall crash
AI Score
7
Confidence
Low
EPSS
0.01
Percentile
84.1%
SSVC
Exploitation
active
Automatable
yes
Technical Impact
partial
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
ADP Affected
[
{
"cpes": [
"cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*"
],
"vendor": "sonicwall",
"product": "sonicos",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "5.9.2.14-12o"
},
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "6.5.4.14-109n"
},
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "7.0.1-5035"
}
],
"defaultStatus": "unknown"
}
]Related
rapid7blog
rapid7blog
nvd
nvd
CVE-2024-40766
2024-08-23 07:15:03
nessus
nessus
SonicWall SonicOS Improper Access Control (SNWLID-2024-0015)
2024-09-09 00:00:00
cvelist
cvelist
CVE-2024-40766
2024-08-23 06:19:07
thn
thn
attackerkb
attackerkb
CVE-2024-40766
2024-08-23 00:00:00
cve
cve
CVE-2024-40766
2024-08-23 07:15:03
cisa_kev
cisa_kev
SonicWall SonicOS Improper Access Control Vulnerability
2024-09-09 00:00:00
AI Score
7
Confidence
Low
EPSS
0.01
Percentile
84.1%
SSVC
Exploitation
active
Automatable
yes
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-40766