RSS   Podatności dla 'Sonicosv'   RSS

2021-06-23
 
CVE-2021-20019

CWE-200
 

 
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.

 
2019-12-31
 
CVE-2019-7479

CWE-287
 

 
A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

 
2019-04-02
 
CVE-2019-7477

CWE-327
 

 
A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

 
 
CVE-2019-7475

CWE-284
 

 
A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

 
 
CVE-2019-7474

CWE-284
 

 
A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

 
2018-05-22
 
CVE-2018-3639

CWE-200
 

 
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

 

 >>> Vendor: Sonicwall 41 Produkty
Soho firewall
Soho2
Tele2
SOHO
Content filtering
Soho3
Firmware
Pro100
Pro200
Pro300
Ssl vpn
Ssl vpn2000/4000
Ssl vpn 200
Global vpn client
E-mail security
Sonicos
E-class ssl vpn
Ssl-vpn end-point interrogator/installer activex control
Aventail sra ex virtual appliance
Aventail sra ex6000
Aventail sra ex7000
Aventail sra ex9000
Email security appliance
Scrutinizer
Analyzer
Global management system
Uma e5000 firmware
Network security appliance 2400
Uma em5000
Netextender firmware
Uma em5000 firmware
Cloud global management system
Email security
Secure mobile access
Sonicosv
Web application firewall
Universal management appliance
Viewpoint
Netextender
Sma 500v
Hosted email security


Copyright 2021, cxsecurity.com

 

Back to Top