CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-5134
https://notcve.org/view.php?id=CVE-2020-5134
12 Oct 2020 — A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. Una vulnerabilidad en SonicOS, permite a un atacante autenticado causar una referencia de archivos no válidos fuera del límite que causan un bloqueo del firewall. Esta vulnerabilidad afectó a SonicOS Gen 6 versiones 6.5.1.12, 6.0.5.3, SonicOSv versión 6.5.4.v y Gen 7... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0009 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2020-5135 – SonicWall SonicOS Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2020-5135
12 Oct 2020 — A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. Una vulnerabilidad de desbordamiento del búfer en SonicOS, permite a un atacante remoto causar una Denegación de servicio (DoS) y ejecutar potencialmente código arbitrario mediante el envío de una petic... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-5133
https://notcve.org/view.php?id=CVE-2020-5133
12 Oct 2020 — A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. Una vulnerabilidad en SonicOS, permite a un atacante remoto no autenticado causar una denegación de servicio debido a un desbordamiento del búfer, lo que conlleva a un bloqueo del firewall. Esta vulnerabilidad afectó a SonicOS Gen 6 versiones 6.5.... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0008 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 0CVE-2019-7479
https://notcve.org/view.php?id=CVE-2019-7479
31 Dec 2019 — A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). Una vulnerabilidad en SonicOS permite que un administrador de solo lectura auten... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0012 • CWE-269: Improper Privilege Management CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2019-7477
https://notcve.org/view.php?id=CVE-2019-7477
02 Apr 2019 — A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). Una vulnerabilidad en el cifrado TLS CBC de SonicWall, S... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2019-7475
https://notcve.org/view.php?id=CVE-2019-7475
02 Apr 2019 — A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). Una vulnerabilidad en SonicWall, SonicOS y Soni... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2019-7474
https://notcve.org/view.php?id=CVE-2019-7474
02 Apr 2019 — A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). Una vulnerabilidad en SonicWall, ... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001 • CWE-248: Uncaught Exception CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2018-9867
https://notcve.org/view.php?id=CVE-2018-9867
19 Feb 2019 — In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HY... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0017 • CWE-285: Improper Authorization CWE-732: Incorrect Permission Assignment for Critical Resource •