CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-7475

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0330%
EPSS Percentile9.83th
Published2019年4月2日
Last Modified2024年11月21日

Vulnerability Description

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

Affected Platforms (CPE)

💻
Sonicwall

Sonicos

<= 5.9.1.10
💻
Sonicwall

Sonicos

= 6.0.5.3-86o
💻
Sonicwall

Sonicos

= 6.2.7.3
💻
Sonicwall

Sonicos

= 6.2.7.8
💻
Sonicwall

Sonicos

= 6.4.0.0
💻
Sonicwall

Sonicos

= 6.5.1.3
💻
Sonicwall

Sonicos

= 6.5.1.8
💻
Sonicwall

Sonicos

= 6.5.2.2
💻
Sonicwall

Sonicos

= 6.5.3.1
💻
Sonicwall

Sonicosv

= 6.5.0.2-8v_rc363
💻
Sonicwall

Sonicosv

= 6.5.0.2.8v_rc366
💻
Sonicwall

Sonicosv

= 6.5.0.2.8v_rc367
💻
Sonicwall

Sonicosv

= 6.5.0.2.8v_rc368

References & Advisories

🔗 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002
🔗 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002

相关漏洞威胁

CVE-2020-51359.8

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbit...

CVE-2021-200468.8

A Stack-based buffer overflow in the SonicOS HTTP Content-Length response header allows a remote authenticated attacker to cause D...

CVE-2021-200488.8

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial...

CVE-2019-74877.8

Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operating system, an autorun value is created does not put the path...