Filtered by vendor Sonicwall
Subscriptions
Total
187 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-34124 | 1 Sonicwall | 2 Analytics, Global Management System | 2024-08-02 | 9.8 Critical |
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. | ||||
CVE-2023-34137 | 1 Sonicwall | 2 Analytics, Global Management System | 2024-08-02 | 9.8 Critical |
SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions. | ||||
CVE-2023-5970 | 1 Sonicwall | 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more | 2024-08-02 | 8.8 High |
Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass. | ||||
CVE-2023-1101 | 1 Sonicwall | 68 Nsa 2600, Nsa 2650, Nsa 2700 and 65 more | 2024-08-02 | 8.8 High |
SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes. | ||||
CVE-2023-0656 | 1 Sonicwall | 32 Nsa 2700, Nsa 3700, Nsa 4700 and 29 more | 2024-08-02 | 7.5 High |
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash. | ||||
CVE-2023-0655 | 1 Sonicwall | 1 Email Security | 2024-08-02 | 5.3 Medium |
SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses. | ||||
CVE-2023-0126 | 1 Sonicwall | 2 Sma1000, Sma1000 Firmware | 2024-08-02 | 7.5 High |
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory. |