CyberSec.Space Logo
Back to CVE Browser

CVE-2013-1360

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1390%
EPSS Percentile32.64th
PublishedFeb 11, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access.

Affected Platforms (CPE)

πŸ“¦
Sonicwall

Analyzer

= 7.0
πŸ“¦
Sonicwall

Global Management System

= 4.1
πŸ“¦
Sonicwall

Global Management System

= 5.0
πŸ“¦
Sonicwall

Global Management System

= 5.1
πŸ“¦
Sonicwall

Global Management System

= 6.0
πŸ“¦
Sonicwall

Global Management System

= 7.0
πŸ“¦
Sonicwall

Universal Management Appliance

= 5.1
πŸ“¦
Sonicwall

Universal Management Appliance

= 6.0
πŸ“¦
Sonicwall

Universal Management Appliance

= 7.0
πŸ“¦
Sonicwall

Viewpoint

= 4.1
πŸ“¦
Sonicwall

Viewpoint

= 5.0
πŸ“¦
Sonicwall

Viewpoint

= 6.0

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html
πŸ”— http://www.exploit-db.com/exploits/24203
πŸ”— http://www.securityfocus.com/bid/57446
πŸ”— http://www.securitytracker.com/id/1028007
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/81366
πŸ”— https://packetstormsecurity.com/files/cve/CVE-2013-1360
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.html
πŸ”— http://www.exploit-db.com/exploits/24203

Related Vulnerabilities

CVE-2020-2949510.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote una...

CVE-2006-383810.0

Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products includin...

CVE-2020-2949310.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthentic...

CVE-2007-205910.0

Multiple buffer overflows in the ESA protocol implementation in eIQnetworks Enterprise Security Analyzer (ESA) 2.5 allow remote at...