PT-2019-18622 · Sonicwall · Sonicos+2
Published
2019-12-31
·
Updated
2020-10-09
·
CVE-2019-7479
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SonicOS Gen 5 versions 5.9.1.12-4o and earlier
SonicOS Gen 6 versions 6.2.7.4-32n through 6.5.3.3-3n
SonicOSv versions 6.5.0.2-8v RC363 through 6.5.0.2.8v RC368
Description
A vulnerability in SonicOS allows an authenticated read-only admin to elevate permissions to configuration mode.
Recommendations
For SonicOS Gen 5 versions 5.9.1.12-4o and earlier, update to a version later than 5.9.1.12-4o.
For SonicOS Gen 6 versions 6.2.7.4-32n through 6.5.3.3-3n, update to a version later than 6.5.3.3-3n.
For SonicOSv versions 6.5.0.2-8v RC363 through 6.5.0.2.8v RC368, update to a version later than 6.5.0.2.8v RC368.
Fix
Improper Authorization
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sonicos Gen 5
Sonicos Gen 6
Sonicos