CVE-2023-34131

Name of the Vulnerable Software and Affected Versions SonicWall GMS versions 9.3.2-SP1 and earlier SonicWall Analytics versions 2.5.0.4-R7 and earlier

Description The issue is related to the exposure of sensitive information to unauthorized actors in SonicWall GMS and Analytics, allowing an unauthenticated attacker to access restricted web pages. This is due to a lack of protection for service data, which can be exploited by a remote attacker to gain unauthorized access to protected information.

Recommendations For SonicWall GMS versions 9.3.2-SP1 and earlier, update to a version later than 9.3.2-SP1 to resolve the issue. For SonicWall Analytics versions 2.5.0.4-R7 and earlier, update to a version later than 2.5.0.4-R7 to resolve the issue. As a temporary workaround, consider restricting access to the affected web pages until a patch is available.