PT-2014-8516 · Dell · Sonicwall Analyzer+3

Publicado

2014-11-21

·

Atualizado

2018-03-12

·

CVE-2014-8420

CVSS v2.0

9.0

Alta

VetorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Dell SonicWALL Global Management System (GMS) versions prior to 7.2 SP2 SonicWALL Analyzer versions prior to 7.2 SP2 SonicWALL UMA versions prior to 7.2 SP2
Description The issue allows remote authenticated users to execute arbitrary code via unspecified vectors in the ViewPoint web application.
Recommendations For Dell SonicWALL Global Management System (GMS) versions prior to 7.2 SP2, update to version 7.2 SP2 or later. For SonicWALL Analyzer versions prior to 7.2 SP2, update to version 7.2 SP2 or later. For SonicWALL UMA versions prior to 7.2 SP2, update to version 7.2 SP2 or later.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2014-8420
ZDI-14-385

Produtos afetados

Sonicwall Global Management System
Sonicwall Analyzer
Sonicwall Uma
Viewpoint