PT-2015-6444 · Dell+1 · Sra+2
Publicado
2015-08-26
·
Atualizado
2020-08-05
·
CVE-2015-4173
CVSS v2.0
6.9
Média
| Vetor | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Dell SonicWall NetExtender versions prior to 7.5.227
Dell SonicWall NetExtender versions 8.0.x prior to 8.0.238
SRA firmware versions prior to 7.5.1.2-40sv
SRA firmware versions 8.x prior to 8.0.0.3-23sv
Description
The issue allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder due to an unquoted Windows search path vulnerability in the autorun value.
Recommendations
For Dell SonicWall NetExtender versions prior to 7.5.227, update to version 7.5.227 or later.
For Dell SonicWall NetExtender versions 8.0.x prior to 8.0.238, update to version 8.0.238 or later.
For SRA firmware versions prior to 7.5.1.2-40sv, update to version 7.5.1.2-40sv or later.
For SRA firmware versions 8.x prior to 8.0.0.3-23sv, update to version 8.0.0.3-23sv or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Dell Sonicwall Netextender
Sra
Windows