CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2019-7475
https://notcve.org/view.php?id=CVE-2019-7475
02 Apr 2019 — A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). Una vulnerabilidad en SonicWall, SonicOS y Soni... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2019-7474
https://notcve.org/view.php?id=CVE-2019-7474
02 Apr 2019 — A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). Una vulnerabilidad en SonicWall, ... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001 • CWE-248: Uncaught Exception CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2018-9867
https://notcve.org/view.php?id=CVE-2018-9867
19 Feb 2019 — In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HY... • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0017 • CWE-285: Improper Authorization CWE-732: Incorrect Permission Assignment for Critical Resource •