PT-2016-5154 · Dell · Dell Sonicwall Gms+3

Kernelsmith

Published

2016-02-10

Updated

2018-03-12

CVE-2016-2396

CVSS v3.1

9.9

Critical

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell SonicWALL GMS, Analyzer, and UMA EM5000 versions 7.2 through 8.1 before Hotfix 168056

Description The issue allows remote authenticated users to execute arbitrary commands via vectors related to configuration input. This is related to the GMS ViewPoint web application.

Recommendations For versions 7.2 through 8.1 before Hotfix 168056, apply Hotfix 168056 to resolve the issue.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2016-2396

ZDI-16-164

Affected Products

Analyzer

Dell Sonicwall Gms

Gms Viewpoint

Uma Em5000

PT-2016-5154 · Dell · Dell Sonicwall Gms+3

CVE-2016-2396

Weakness Enumeration

Related Identifiers

Affected Products

References · 6