CVE-2023-44221 - OpenCVE

Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sonicwall	Sma 200 Sma 200 Firmware Sma 210 Sma 210 Firmware Sma 400 Sma 400 Firmware Sma 410 Sma 410 Firmware Sma 500v Sma 500v Firmware

Configuration 1 [-]

AND

cpe:2.3:h:sonicwall:sma_200:-:*:*:*:*:*:*:*

cpe:2.3:o:sonicwall:sma_200_firmware:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:sonicwall:sma_210_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:sma_210:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:sonicwall:sma_400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:sma_400:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:sonicwall:sma_410_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:sma_410:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:sonicwall:sma_500v_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:sma_500v:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0018

History

No history.

MITRE

Status: PUBLISHED

Assigner: sonicwall

Published: 2023-12-05T20:10:35.186Z

Updated: 2024-08-02T19:59:51.772Z

Reserved: 2023-09-26T23:29:39.790Z

Link: CVE-2023-44221

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-12-05T21:15:07.150

Modified: 2023-12-13T15:33:56.183

Link: CVE-2023-44221

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:sma_200:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B190266-AD6F-401B-9B2E-061CDD539236", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:sma_200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4674E718-3642-4042-82DE-49B845CF2DC6", "versionEndIncluding": "10.2.1.9-57sv", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:sma_210_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5990A44B-DD34-4B32-B233-9062902EBE9A", "versionEndIncluding": "10.2.1.9-57sv", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:sma_210:-:*:*:*:*:*:*:*", "matchCriteriaId": "51587338-4A5F-41FC-9497-743F061947C2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:sma_400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C82E099E-AAE1-4BD3-B0C0-38326201586C", "versionEndIncluding": "10.2.1.9-57sv", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:sma_400:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D728332-10C9-4508-B720-569D44E99543", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:sma_410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E422E9C1-597B-468F-A634-23C54C1F7C74", "versionEndIncluding": "10.2.1.9-57sv", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:sma_410:-:*:*:*:*:*:*:*", "matchCriteriaId": "9DFB8FBC-FFA4-4526-B306-D5692A43DC9E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:sma_500v_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B70F00FF-A14D-40F3-9381-817542DE6A7D", "versionEndIncluding": "10.2.1.9-57sv", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:sma_500v:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6AD8A33-7CE4-4C66-9E23-F0C9C9638770", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user, potentially leading to OS Command Injection Vulnerability."}, {"lang": "es", "value": "La neutralizaci\u00f3n inadecuada de elementos especiales en la interfaz de administraci\u00f3n SMA100 SSL-VPN permite que un atacante remoto autenticado con privilegios administrativos inyecte comandos arbitrarios como un usuario \"nobody\", lo que podr\u00eda provocar una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo."}], "id": "CVE-2023-44221", "lastModified": "2023-12-13T15:33:56.183", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-05T21:15:07.150", "references": [{"source": "PSIRT@sonicwall.com", "tags": ["Vendor Advisory"], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0018"}], "sourceIdentifier": "PSIRT@sonicwall.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "PSIRT@sonicwall.com", "type": "Secondary"}]}