CVE-2023-34123

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions SonicWall GMS versions 9.3.2-SP1 and earlier SonicWall Analytics versions 2.5.0.4-R7 and earlier

Description The issue is related to the use of a hard-coded cryptographic key in SonicWall Analytics and SonicWall Global Management System (GMS). Exploitation of this issue may allow a remote attacker to impact data integrity.

Recommendations For SonicWall GMS versions 9.3.2-SP1 and earlier, update to a version that addresses the use of hard-coded cryptographic keys. For SonicWall Analytics versions 2.5.0.4-R7 and earlier, update to a version that addresses the use of hard-coded cryptographic keys.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798CWE-321

Related Identifiers

BDU:2023-04289

CVE-2023-34123

Affected Products

Sonicwall Analytics

Sonicwall Gms

CVE-2023-34123

Weakness Enumeration

Related Identifiers

Affected Products

References · 7