PT-2020-7345 · Dell · Sonicwall Global Management System+3
Nikolas Sotiriu
·
Published
2020-02-11
·
Updated
2020-02-13
·
CVE-2013-1360
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
DELL SonicWALL Global Management System (GMS) versions 4.1 through 7.0
DELL SonicWALL Analyzer version 7.0
DELL SonicWALL Universal Management Appliance (UMA) versions 5.1 through 7.0
DELL SonicWALL ViewPoint versions 4.1 through 6.0
Description:
An Authentication Bypass issue exists via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access.
Recommendations:
For DELL SonicWALL Global Management System (GMS) versions 4.1 through 7.0, update to a version that fixes the Authentication Bypass issue.
For DELL SonicWALL Analyzer version 7.0, update to a version that fixes the Authentication Bypass issue.
For DELL SonicWALL Universal Management Appliance (UMA) versions 5.1 through 7.0, update to a version that fixes the Authentication Bypass issue.
For DELL SonicWALL ViewPoint versions 4.1 through 6.0, update to a version that fixes the Authentication Bypass issue.
Exploit
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sonicwall Analyzer
Sonicwall Global Management System
Sonicwall Universal Management Appliance
Sonicwall Viewpoint