CyberSec.Space Logo
Back to CVE Browser

CVE-2019-7475

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0330%
EPSS Percentile9.83th
PublishedApr 2, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

Affected Platforms (CPE)

πŸ’»
Sonicwall

Sonicos

<= 5.9.1.10
πŸ’»
Sonicwall

Sonicos

= 6.0.5.3-86o
πŸ’»
Sonicwall

Sonicos

= 6.2.7.3
πŸ’»
Sonicwall

Sonicos

= 6.2.7.8
πŸ’»
Sonicwall

Sonicos

= 6.4.0.0
πŸ’»
Sonicwall

Sonicos

= 6.5.1.3
πŸ’»
Sonicwall

Sonicos

= 6.5.1.8
πŸ’»
Sonicwall

Sonicos

= 6.5.2.2
πŸ’»
Sonicwall

Sonicos

= 6.5.3.1
πŸ’»
Sonicwall

Sonicosv

= 6.5.0.2-8v_rc363
πŸ’»
Sonicwall

Sonicosv

= 6.5.0.2.8v_rc366
πŸ’»
Sonicwall

Sonicosv

= 6.5.0.2.8v_rc367
πŸ’»
Sonicwall

Sonicosv

= 6.5.0.2.8v_rc368

References & Advisories

πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002
πŸ”— https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002

Related Vulnerabilities

CVE-2020-51359.8

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbit...

CVE-2021-200468.8

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause D...

CVE-2021-200488.8

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial...

CVE-2019-74877.8

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path...