At a glance:
| ID | 35264 |
| Created | Apr 24, 2013 |
| Updated | Apr 23, 2013 |
| Severity |
|
| Coverage |
IPS (Regular DB)
IPS (Extended DB)
|
| Default Action | Unavailable |
| Active | 
|
| Affected OS | |
| Affected App |
Legend
| Enabled/Available |
|
| Disabled/Not Avaliable |
|
Refine Search
Intrusion Prevention
Multiple.SonicWALL.Products.Authentication.Bypass.Vulns
Description
SonicWALL provides VPN and Firewall hardware for Internet security solutions.
Two vulnerabilities exist in multiple SonicWALL products, which could allow remote attackers to obtain and modify sensitive information, as well as bypass the authentication mechanism.
Affected Products
SonicWALL Analyzer 7.x
SonicWALL Global Management System 4.x
SonicWALL Global Management System 5.x
SonicWALL Global Management System 6.x
SonicWALL Global Management System 7.x
SonicWALL UMA 5.x
SonicWALL UMA 6.x
SonicWALL UMA 7.x
SonicWALL ViewPoint 4.x
SonicWALL ViewPoint 5.x
SonicWALL ViewPoint 6.x
Impact
The vulnerability could allow remote attackers to obtain and modify sensitive information, as well as bypass the authentication mechanism.
Recommended Actions
Please apply Hotfix 125076.77 to fix the vulnerablity.
For more information, please refer to SonicWALL 5.0 Hotfix 125076.77 or SonicWALL 6.0 Hotfix 125076.77:
http://seclists.org/fulldisclosure/2013/Jan/125