CVE-2015-3447

Name of the Vulnerable Software and Affected Versions Dell SonicWall SonicOS versions 6.x through 7.5.0.12

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the searchSpoof or searchSpoofIpDet parameters.

Recommendations For versions 6.x through 7.5.0.12, consider restricting access to the macIpSpoofView.html page until a patch is available. As a temporary workaround, avoid using the searchSpoof and searchSpoofIpDet parameters in the affected page until the issue is resolved.