SonicWALL Global Management System (GMS) 8.x < 8.2 Multiple Vulnerabilities

high Nessus Plugin ID 96305

Synopsis

A web application running on the remote host is affected by multiple vulnerabilities.

Description

The version of SonicWALL Global Management System (GMS) running on the remote host is 8.x prior to 8.2. It is, therefore, affected by multiple vulnerabilities :

- A SQL injection (SQLi) vulnerability exists in the ImagePreviewServlet servlet due to improper sanitization of user-supplied input to the 'logoID' parameter. An unauthenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database, resulting in the manipulation or disclosure of arbitrary data.

- An unspecified SQL injection (SQLi) vulnerability exists due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database, resulting in the manipulation or disclosure of arbitrary data.

- A cross-site scripting (XSS) vulnerability exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session.

- An unspecified flaw exists that allows an unauthenticated, remote attacker to bypass Adobe Flex.

- An unspecified flaw exists due to improper validation of user-supplied input that allows an unauthenticated, remote attacker to potentially bypass security filters.

Solution

Upgrade to SonicWALL Global Management version 8.2 or later.

See Also

https://support.sonicwall.com/product-notification/215257

https://www.zerodayinitiative.com/advisories/ZDI-16-617/

Plugin Details

Severity: High

ID: 96305

File Name: sonicwall_gms_8_2.nasl

Version: 1.7

Type: remote

Family: CGI abuses

Published: 1/5/2017

Updated: 1/2/2019

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.3

Temporal Score: 7.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:sonicwall:global_management_system, cpe:/a:sonicwall:analyzer

Required KB Items: installed_sw/sonicwall_universal_management_suite

Patch Publication Date: 11/29/2016

Vulnerability Publication Date: 11/29/2016

Reference Information