Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2020-AVI-651
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Sonicwall SonicOS. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Sonicwall | SonicOS | SonicOS 6.5.1.x versions antérieures à 6.5.1.12-1n | ||
| Sonicwall | SonicOS | Gen 7 versions antérieures à 7.0.0.0-2 | ||
| Sonicwall | SonicOS | SonicOS 6.5.4.x versions antérieures à 6.5.4.7-83n | ||
| Sonicwall | SonicOS | SonicOS 5.9.x versions antérieures à 5.9.2.13-7n | ||
| Sonicwall | SonicOS | SonicOS 6.0.x versions antérieures à 6.0.5.3-94o | ||
| Sonicwall | SonicOS | SonicOS 6.5.4.v versions antérieures à 6.5.4.v-21s-987 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SonicOS 6.5.1.x versions ant\u00e9rieures \u00e0 6.5.1.12-1n",
"product": {
"name": "SonicOS",
"vendor": {
"name": "Sonicwall",
"scada": false
}
}
},
{
"description": "Gen 7 versions ant\u00e9rieures \u00e0 7.0.0.0-2",
"product": {
"name": "SonicOS",
"vendor": {
"name": "Sonicwall",
"scada": false
}
}
},
{
"description": "SonicOS 6.5.4.x versions ant\u00e9rieures \u00e0 6.5.4.7-83n",
"product": {
"name": "SonicOS",
"vendor": {
"name": "Sonicwall",
"scada": false
}
}
},
{
"description": "SonicOS 5.9.x versions ant\u00e9rieures \u00e0 5.9.2.13-7n",
"product": {
"name": "SonicOS",
"vendor": {
"name": "Sonicwall",
"scada": false
}
}
},
{
"description": "SonicOS 6.0.x versions ant\u00e9rieures \u00e0 6.0.5.3-94o",
"product": {
"name": "SonicOS",
"vendor": {
"name": "Sonicwall",
"scada": false
}
}
},
{
"description": "SonicOS 6.5.4.v versions ant\u00e9rieures \u00e0 6.5.4.v-21s-987",
"product": {
"name": "SonicOS",
"vendor": {
"name": "Sonicwall",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-5138",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5138"
},
{
"name": "CVE-2020-5142",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5142"
},
{
"name": "CVE-2020-5140",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5140"
},
{
"name": "CVE-2020-5133",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5133"
},
{
"name": "CVE-2020-5143",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5143"
},
{
"name": "CVE-2020-5136",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5136"
},
{
"name": "CVE-2020-5137",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5137"
},
{
"name": "CVE-2020-5134",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5134"
},
{
"name": "CVE-2020-5141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5141"
},
{
"name": "CVE-2020-5135",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5135"
},
{
"name": "CVE-2020-5139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5139"
}
],
"initial_release_date": "2020-10-19T00:00:00",
"last_revision_date": "2020-10-19T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-651",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-10-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Sonicwall SonicOS.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Sonicwall SonicOS",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0009 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0013 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0013"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0011 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0011"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0016 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0012 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0012"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0015 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0015"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0018 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0018"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0017 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0017"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0008 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0010 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Sonicwall SNWLID-2020-0014 du 12 octobre 2020",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0014"
}
]
}
CVE-2020-5143 (GCVE-0-2020-5143)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-203 - Observable Differences in Behavior to Error Inputs
Summary
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203: Observable Differences in Behavior to Error Inputs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:32",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0018"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-203: Observable Differences in Behavior to Error Inputs"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0018",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0018"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5143",
"datePublished": "2020-10-12T10:40:32",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5135 (GCVE-0-2020-5135)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2025-10-21 23:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-5135",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T19:55:08.576470Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-15",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5135"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:35.728Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5135"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-15T00:00:00+00:00",
"value": "CVE-2020-5135 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:28.000Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5135",
"datePublished": "2020-10-12T10:40:28.000Z",
"dateReserved": "2019-12-31T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:35.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5139 (GCVE-0-2020-5139)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-763 - Release of Invalid Pointer or Reference
Summary
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0014"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-763",
"description": "CWE-763: Release of Invalid Pointer or Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:30",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0014"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-763: Release of Invalid Pointer or Reference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0014",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0014"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5139",
"datePublished": "2020-10-12T10:40:30",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5133 (GCVE-0-2020-5133)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.005Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:27",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5133",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5133",
"datePublished": "2020-10-12T10:40:27",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.005Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5140 (GCVE-0-2020-5140)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0015"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:30",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0015"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0015",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0015"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5140",
"datePublished": "2020-10-12T10:40:30",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5141 (GCVE-0-2020-5141)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-799 - Improper Control of Interaction Frequency
Summary
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-799",
"description": "CWE-799: Improper Control of Interaction Frequency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:31",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-799: Improper Control of Interaction Frequency"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0016",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5141",
"datePublished": "2020-10-12T10:40:31",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5138 (GCVE-0-2020-5138)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:30",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5138",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0013",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5138",
"datePublished": "2020-10-12T10:40:30",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5137 (GCVE-0-2020-5137)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:29",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0012",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5137",
"datePublished": "2020-10-12T10:40:29",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5134 (GCVE-0-2020-5134)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:28",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5134",
"datePublished": "2020-10-12T10:40:28",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5136 (GCVE-0-2020-5136)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:08.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:29",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0011"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0011",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0011"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5136",
"datePublished": "2020-10-12T10:40:29",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:08.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5142 (GCVE-0-2020-5142)
Vulnerability from cvelistv5
Published
2020-10-12 10:40
Modified
2024-08-04 08:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation
Summary
A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SonicWall | SonicOS |
Version: SonicOS 6.5.4.7-79n and earlier Version: SonicOS 5.9.1.7-2n and earlier Version: SonicOS 5.9.1.13-5n and earlier Version: SonicOS 6.5.1.11-4n and earlier Version: SonicOS 6.0.5.3-93o and earlier Version: SonicOSv 6.5.4.4-44v-21-794 and earlier Version: SonicOS 7.0.0.0-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:22:09.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0017"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicOS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SonicOS 6.5.4.7-79n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.7-2n and earlier"
},
{
"status": "affected",
"version": "SonicOS 5.9.1.13-5n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.5.1.11-4n and earlier"
},
{
"status": "affected",
"version": "SonicOS 6.0.5.3-93o and earlier"
},
{
"status": "affected",
"version": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"status": "affected",
"version": "SonicOS 7.0.0.0-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-12T10:40:31",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0017"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2020-5142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "SonicOS 6.5.4.7-79n and earlier"
},
{
"version_value": "SonicOS 5.9.1.7-2n and earlier"
},
{
"version_value": "SonicOS 5.9.1.13-5n and earlier"
},
{
"version_value": "SonicOS 6.5.1.11-4n and earlier"
},
{
"version_value": "SonicOS 6.0.5.3-93o and earlier"
},
{
"version_value": "SonicOSv 6.5.4.4-44v-21-794 and earlier"
},
{
"version_value": "SonicOS 7.0.0.0-1"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0017",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0017"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2020-5142",
"datePublished": "2020-10-12T10:40:31",
"dateReserved": "2019-12-31T00:00:00",
"dateUpdated": "2024-08-04T08:22:09.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…