SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.
References
| Link | Resource |
|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
History
19 Oct 2023, 16:43
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| CWE | CWE-269 | |
| CPE | cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:* |
|
| References | (MISC) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 - Vendor Advisory | |
| First Time |
Sonicwall tz370w
Sonicwall tz 600 Sonicwall nsa 3650 Sonicwall nsv870 Sonicwall tz570 Sonicwall nsa6700 Sonicwall nsv200 Sonicwall tz 500w Sonicwall nsv1600 Sonicwall nsv400 Sonicwall nsa 5600 Sonicwall nsa5700 Sonicwall nsa3700 Sonicwall tz 350 Sonicwall nsa 4600 Sonicwall tz370 Sonicwall tz270w Sonicwall nsa 4650 Sonicwall nsv50 Sonicwall nsv300 Sonicwall nsa 2650 Sonicwall nsa4700 Sonicwall sohow Sonicwall nsv10 Sonicwall sm 9200 Sonicwall tz270 Sonicwall tz 300 Sonicwall tz 300p Sonicwall nsa2700 Sonicwall nsv800 Sonicwall tz570w Sonicwall tz 600p Sonicwall nsv270 Sonicwall nsv470 Sonicwall tz 300w Sonicwall sm 9400 Sonicwall nsv100 Sonicwall sm 9650 Sonicwall nsa 5650 Sonicwall sonicos Sonicwall nssp10700 Sonicwall sm 9250 Sonicwall tz 500 Sonicwall nsv25 Sonicwall nsa 6600 Sonicwall soho 250w Sonicwall tz 400w Sonicwall tz 400 Sonicwall nssp11700 Sonicwall nssp15700 Sonicwall tz670 Sonicwall nsa 2600 Sonicwall sm 9450 Sonicwall tz470w Sonicwall sm 9600 Sonicwall nsa 3600 Sonicwall soho 250 Sonicwall nsa 6650 Sonicwall nssp13700 Sonicwall tz570p Sonicwall Sonicwall tz470 |
17 Oct 2023, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-17 23:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-41715
Mitre link : CVE-2023-41715
CVE.ORG link : CVE-2023-41715
JSON object : View
Products Affected
sonicwall
- nsa_4650
- sm_9650
- nsv300
- tz670
- sm_9600
- tz_300p
- nsa_2650
- nsv25
- nsa2700
- nsa_3600
- sm_9200
- tz_350
- tz_400w
- tz_500
- nsa_2600
- tz_500w
- nssp11700
- tz470
- nsa_3650
- tz_300
- nsa4700
- sohow
- nsv200
- tz570p
- sm_9250
- nssp15700
- nsv100
- tz270
- nsa_5650
- tz470w
- nssp13700
- tz370w
- tz570w
- nsa6700
- nsa_6650
- soho_250
- nsv270
- soho_250w
- tz_300w
- nssp10700
- tz_600p
- nsv50
- nsa5700
- nsv800
- sm_9400
- tz270w
- nsa_5600
- tz570
- nsv10
- nsv1600
- sonicos
- tz_600
- nsv870
- tz370
- nsa_6600
- sm_9450
- tz_400
- nsv470
- nsv400
- nsa3700
- nsa_4600
CWE
CWE-269
Improper Privilege Management