Vulnerability CVE-2013-1360


Published: 2020-02-11

Description:
An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access.

See advisories in our WLB2 database:
Topic
Author
Date
High
DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass
Nikolas Sotiriu
18.01.2013

Type:

CWE-287

(Improper Authentication)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Sonicwall -> Analyzer 
Sonicwall -> Global management system 
Sonicwall -> Universal management appliance 
Sonicwall -> Viewpoint 

 References:
http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html
http://www.exploit-db.com/exploits/24203
http://www.securityfocus.com/bid/57446
http://www.securitytracker.com/id/1028007
https://exchange.xforce.ibmcloud.com/vulnerabilities/81366
https://packetstormsecurity.com/files/cve/CVE-2013-1360

Copyright 2021, cxsecurity.com

 

Back to Top