Page 5 of 23 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 3

Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter. Vulnerabilidad de XSS en sgms/panelManager en Dell SonicWALL GMS, Analyzer y UMA anterior a 7.2 SP1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrario a través del parámetro node_id. • http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2014/Jul/125 http://secunia.com/advisories/60287 http://www.securityfocus.com/bid/68829 https://support.software.dell.com/product-notification/128245 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 97%CPEs: 12EXPL: 6

An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account. Se presenta una Vulnerabilidad de Omisión de Autenticación en DELL SonicWALL Analyzer versión 7.0, Global Management System (GMS) versiones 4.1, 5.0, 5.1, 6.0 y 7.0; Universal Management Appliance (UMA) versiones 5.1, 6.0 y 7.0 y ViewPoint versiones 4.1, 5.0, 5.1 y 6.0 por medio del parámetro skipSessionCheck en la interfaz UMA (/appliance/), lo que podría permitir a un usuario malicioso remoto obtener acceso a la cuenta root. • https://www.exploit-db.com/exploits/24322 https://www.exploit-db.com/exploits/24204 http://www.exploit-db.com/exploits/24204 http://www.exploit-db.com/exploits/24322 http://www.securityfocus.com/bid/57445 http://www.securitytracker.com/id/1028007 https://exchange.xforce.ibmcloud.com/vulnerabilities/81367 https://fortiguard.com/encyclopedia/ips/35264/multiple-sonicwall-products-authentication-bypass-vulns https://packetstormsecurity.com/files/author/7547 https://seclists.org/fulldisclosure/2013&#x • CWE-287: Improper Authentication •

CVSS: 10.0EPSS: 20%CPEs: 12EXPL: 2

An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access. Se presenta una vulnerabilidad de Omisión de Autenticación en DELL SonicWALL Global Management System (GMS) versiones 4.1, 5.0, 5.1, 6.0 y 7.0, Analyzer versión 7.0, Universal Management Appliance (UMA) versiones 5.1, 6.0 y 7.0 y ViewPoint versiones 4.1, 5.0 y 6.0, por medio de una petición diseñada en la interfaz SGMS, que podría permitir a un usuario malicioso remoto obtener acceso administrativo. SonicWALL GMS/Viewpoint/Analyzer suffers from an authentication bypass vulnerability. • https://www.exploit-db.com/exploits/24203 http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html http://www.exploit-db.com/exploits/24203 http://www.securityfocus.com/bid/57446 http://www.securitytracker.com/id/1028007 https://exchange.xforce.ibmcloud.com/vulnerabilities/81366 https://packetstormsecurity.com/files/cve/CVE-2013-1360 • CWE-287: Improper Authentication •