Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-1042
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Sonicwall Série Secure Mobile Access 100. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
Vendor | Product | Description | ||
---|---|---|---|---|
Sonicwall | Secure Mobile Access | Série Secure Mobile Access 100 (SMA 200, 210, 400, 410 et 500v) versions antérieures à 10.2.1.14-75sv |
References
Title | Publication Time | Tags | |||
---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "S\u00e9rie Secure Mobile Access 100 (SMA 200, 210, 400, 410 et 500v) versions ant\u00e9rieures \u00e0 10.2.1.14-75sv", "product": { "name": "Secure Mobile Access", "vendor": { "name": "Sonicwall", "scada": false } } } ], "affected_systems_content": "", "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).", "cves": [ { "name": "CVE-2024-45319", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45319" }, { "name": "CVE-2024-53702", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53702" }, { "name": "CVE-2024-38475", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38475" }, { "name": "CVE-2024-53703", "url": "https://www.cve.org/CVERecord?id=CVE-2024-53703" }, { "name": "CVE-2024-45318", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45318" }, { "name": "CVE-2024-40763", "url": "https://www.cve.org/CVERecord?id=CVE-2024-40763" } ], "initial_release_date": "2024-12-05T00:00:00", "last_revision_date": "2024-12-05T00:00:00", "links": [], "reference": "CERTFR-2024-AVI-1042", "revisions": [ { "description": "Version initiale", "revision_date": "2024-12-05T00:00:00.000000" } ], "risks": [ { "description": "Ex\u00e9cution de code arbitraire \u00e0 distance" }, { "description": "Contournement de la politique de s\u00e9curit\u00e9" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Sonicwall S\u00e9rie Secure Mobile Access 100. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.", "title": "Multiples vuln\u00e9rabilit\u00e9s dans Sonicwall Secure Mobile Access", "vendor_advisories": [ { "published_at": "2024-12-03", "title": "Bulletin de s\u00e9curit\u00e9 SonicWall SNWLID-2024-0018", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018" } ] }
CVE-2024-53703 (GCVE-0-2024-53703)
Vulnerability from cvelistv5
Published
2024-12-05 13:59
Modified
2024-12-07 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sma100_firmware", "vendor": "sonicwall", "versions": [ { "lessThanOrEqual": "10.2.1.13-72sv", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-53703", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-06T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-07T04:55:30.933Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux" ], "product": "SMA100", "vendor": "SonicWall", "versions": [ { "status": "affected", "version": "10.2.1.13-72sv and earlier versions" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "value": "Alain Mowat of Orange Cyberdefense, Switzerland." } ], "datePublic": "2024-12-05T01:22:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e" } ], "value": "A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-05T13:59:35.490Z", "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "shortName": "sonicwall" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018" } ], "source": { "advisory": "SNWLID-2024-0018", "discovery": "EXTERNAL" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "assignerShortName": "sonicwall", "cveId": "CVE-2024-53703", "datePublished": "2024-12-05T13:59:35.490Z", "dateReserved": "2024-11-22T09:54:04.963Z", "dateUpdated": "2024-12-07T04:55:30.933Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-45319 (GCVE-0-2024-45319)
Vulnerability from cvelistv5
Published
2024-12-05 13:50
Modified
2024-12-05 16:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-798 - Use of Hard-coded Credentials
Summary
A vulnerability in the SonicWall SMA100 SSLVPN
firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-45319", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-12-05T16:55:47.591036Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-05T16:56:09.484Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux" ], "product": "SMA100", "vendor": "SonicWall", "versions": [ { "status": "affected", "version": "10.2.1.13-72sv and earlier versions" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "value": "Alain Mowat of Orange Cyberdefense, Switzerland." } ], "datePublic": "2024-12-05T01:22:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in the SonicWall SMA100 SSLVPN \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efirmware\u0026nbsp;\u003c/span\u003e10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e" } ], "value": "A vulnerability in the SonicWall SMA100 SSLVPN \n\nfirmware\u00a010.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-05T13:50:28.768Z", "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "shortName": "sonicwall" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018" } ], "source": { "advisory": "SNWLID-2024-0018", "discovery": "EXTERNAL" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "assignerShortName": "sonicwall", "cveId": "CVE-2024-45319", "datePublished": "2024-12-05T13:50:28.768Z", "dateReserved": "2024-08-26T20:20:45.693Z", "dateUpdated": "2024-12-05T16:56:09.484Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-53702 (GCVE-0-2024-53702)
Vulnerability from cvelistv5
Published
2024-12-05 13:53
Modified
2024-12-05 15:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Summary
Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sma100_firmware", "vendor": "sonicwall", "versions": [ { "lessThanOrEqual": "10.2.1.13-72sv", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-53702", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-12-05T15:07:30.378191Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-05T15:10:12.280Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux" ], "product": "SMA100", "vendor": "SonicWall", "versions": [ { "status": "affected", "version": "10.2.1.13-72sv and earlier versions" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "value": "Alain Mowat of Orange Cyberdefense, Switzerland." } ], "datePublic": "2024-12-05T01:22:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUse of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e" } ], "value": "Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-338", "description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-05T13:53:37.282Z", "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "shortName": "sonicwall" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018" } ], "source": { "advisory": "SNWLID-2024-0018", "discovery": "EXTERNAL" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "assignerShortName": "sonicwall", "cveId": "CVE-2024-53702", "datePublished": "2024-12-05T13:53:37.282Z", "dateReserved": "2024-11-22T09:54:04.963Z", "dateUpdated": "2024-12-05T15:10:12.280Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-38475 (GCVE-0-2024-38475)
Vulnerability from cvelistv5
Published
2024-07-01 18:15
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-116 - Improper Encoding or Escaping of Output
Summary
Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure.
Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected. Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Apache Software Foundation | Apache HTTP Server |
Version: 2.4.0 ≤ 2.4.59 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "http_server", "vendor": "apache", "versions": [ { "lessThanOrEqual": "2.4.59", "status": "affected", "version": "2.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:netapp:ontap_9:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ontap_9", "vendor": "netapp", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-38475", "options": [ { "Exploitation": "active" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-05-02T03:55:18.245532Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2025-05-01", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38475" }, "type": "kev" } } ], "providerMetadata": { "dateUpdated": "2025-07-30T01:36:38.214Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2025-05-01T00:00:00+00:00", "value": "CVE-2024-38475 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-09-13T17:04:56.456Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://www.blackhat.com/us-24/briefings/schedule/index.html#confusion-attacks-exploiting-hidden-semantic-ambiguity-in-apache-http-server-pre-recorded-40227" }, { "url": "https://github.com/apache/httpd/commit/9a6157d1e2f7ab15963020381054b48782bc18cf" }, { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240712-0001/" }, { "url": "http://www.openwall.com/lists/oss-security/2024/07/01/8" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache HTTP Server", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.4.59", "status": "affected", "version": "2.4.0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Orange Tsai (@orange_8361) from DEVCORE" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are\u0026nbsp;permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. \u003cbr\u003e\u003cbr\u003eSubstitutions in\u0026nbsp;server context that use a backreferences or variables as the first segment of the substitution are affected.\u0026nbsp; Some unsafe RewiteRules will be broken by this change and the rewrite flag \"UnsafePrefixStat\" can be used to opt back in once ensuring the substitution is appropriately constrained." } ], "value": "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are\u00a0permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. \n\nSubstitutions in\u00a0server context that use a backreferences or variables as the first segment of the substitution are affected.\u00a0 Some unsafe RewiteRules will be broken by this change and the rewrite flag \"UnsafePrefixStat\" can be used to opt back in once ensuring the substitution is appropriately constrained." } ], "metrics": [ { "other": { "content": { "text": "important" }, "type": "Textual description of severity" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-12T14:06:09.772Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://httpd.apache.org/security/vulnerabilities_24.html" }, { "url": "https://security.netapp.com/advisory/ntap-20240712-0001/" } ], "source": { "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2024-04-01T12:00:00.000Z", "value": "reported" } ], "title": "Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2024-38475", "datePublished": "2024-07-01T18:15:12.292Z", "dateReserved": "2024-06-17T11:09:56.096Z", "dateUpdated": "2025-07-30T01:36:38.214Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-40763 (GCVE-0-2024-40763)
Vulnerability from cvelistv5
Published
2024-12-05 13:39
Modified
2024-12-07 04:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
Heap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to the use of strcpy. This allows remote authenticated attackers to cause Heap-based buffer overflow and potentially lead to code execution.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sma100_firmware", "vendor": "sonicwall", "versions": [ { "lessThanOrEqual": "10.2.1.13-72sv", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-40763", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-06T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-07T04:55:28.515Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux" ], "product": "SMA100", "vendor": "SonicWall", "versions": [ { "status": "affected", "version": "10.2.1.13-72sv and earlier versions" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "value": "Alain Mowat of Orange Cyberdefense, Switzerland." } ], "datePublic": "2024-12-05T01:22:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eHeap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to the use of strcpy. This allows remote authenticated attackers to cause Heap-based buffer overflow and potentially lead to code execution.\u003c/span\u003e" } ], "value": "Heap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to the use of strcpy. This allows remote authenticated attackers to cause Heap-based buffer overflow and potentially lead to code execution." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-05T13:39:19.644Z", "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "shortName": "sonicwall" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018" } ], "source": { "advisory": "SNWLID-2024-0018", "discovery": "EXTERNAL" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "assignerShortName": "sonicwall", "cveId": "CVE-2024-40763", "datePublished": "2024-12-05T13:39:19.644Z", "dateReserved": "2024-07-10T15:58:49.461Z", "dateUpdated": "2024-12-07T04:55:28.515Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-45318 (GCVE-0-2024-45318)
Vulnerability from cvelistv5
Published
2024-12-05 13:43
Modified
2024-12-09 14:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.
References
URL | Tags | ||||
---|---|---|---|---|---|
|
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sma100_firmware", "vendor": "sonicwall", "versions": [ { "lessThanOrEqual": "10.2.1.13-72sv", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-45318", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-07T04:55:30.666847Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-09T14:21:22.642Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "platforms": [ "Linux" ], "product": "SMA100", "vendor": "SonicWall", "versions": [ { "status": "affected", "version": "10.2.1.13-72sv and earlier versions" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "value": "Alain Mowat of Orange Cyberdefense, Switzerland." } ], "datePublic": "2024-12-05T01:22:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.\u003c/span\u003e\n\n\u003c/span\u003e" } ], "value": "A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-05T13:43:31.716Z", "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "shortName": "sonicwall" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018" } ], "source": { "advisory": "SNWLID-2024-0018", "discovery": "EXTERNAL" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "assignerShortName": "sonicwall", "cveId": "CVE-2024-45318", "datePublished": "2024-12-05T13:43:31.716Z", "dateReserved": "2024-08-26T20:20:45.693Z", "dateUpdated": "2024-12-09T14:21:22.642Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…