An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSonicwall Nsa 2650
HWSonicwallwszystkie wersjeSonicwall Nsa 2700
HWSonicwallwszystkie wersjeSonicwall Nsa 3600
HWSonicwallwszystkie wersjeSonicwall Nsa 3650
HWSonicwallwszystkie wersjeSonicwall Nsa 3700
HWSonicwallwszystkie wersjeSonicwall Nsa 4600
HWSonicwallwszystkie wersjeSonicwall Nsa 4650
HWSonicwallwszystkie wersjeSonicwall Nsa 4700
HWSonicwallwszystkie wersjeSonicwall Nsa 5600
HWSonicwallwszystkie wersjeSonicwall Nsa 5650
HWSonicwallwszystkie wersjeSonicwall Nsa 5700
HWSonicwallwszystkie wersjeSonicwall Nsa 6600
HWSonicwallwszystkie wersjeSonicwall Nsa 6650
HWSonicwallwszystkie wersjeSonicwall Nsa 6700
HWSonicwallwszystkie wersjeSonicwall Nssp 10700
HWSonicwallwszystkie wersjeSonicwall Nssp 11700
HWSonicwallwszystkie wersjeSonicwall Nssp 12400
HWSonicwallwszystkie wersjeSonicwall Nssp 12800
HWSonicwallwszystkie wersjeSonicwall Nssp 13700
HWSonicwallwszystkie wersjeSonicwall Sm 9200
HWSonicwallwszystkie wersjeSonicwall Sm 9250
HWSonicwallwszystkie wersjeSonicwall Sm 9400
HWSonicwallwszystkie wersjeSonicwall Sm 9450
HWSonicwallwszystkie wersjeSonicwall Sm 9600
HWSonicwallwszystkie wersjeSonicwall Sm 9650
HWSonicwallwszystkie wersjeSonicwall Sm9800
HWSonicwallwszystkie wersjeSonicwall Soho
HWSonicwallwszystkie wersjeSonicwall Soho 250
HWSonicwallwszystkie wersjeSonicwall Soho 250w
HWSonicwallwszystkie wersjeSonicwall Sohow
HWSonicwallwszystkie wersje
CISA KEV — detailsi
- Vendori
- SonicWall ↗
- Producti
- SonicOS
- Added to KEVi
- September 9, 2024
- Remediation deadline (US Federal)i
- September 30, 2024(overdue)
- Ransomwarei
- Active ransomware campaigns exploit this vulnerability
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.
Related vulnerabilities
SonicWall SonicOS SSLVPN — pominięcie uwierzytelnienia (Auth Bypass)
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and poten...
SonicOS SSL VPN: format string umożliwia zakłócenie usługi bez uwierzytelnienia
Atak przez fałszowanie odpowiedzi w protokole RADIUS (RFC 2865) via kolizja MD5
Pominięcie uwierzytelnienia w SonicWall SonicOS SSL-VPN (auth bypass)