What is CVE-2016-2397?

CVE-2016-2397 is a critical-severity vulnerability in Sonicwall Analyzer, classified under Command Injection. CVSS score: 9.8/10. Published 2016-02-17.

How severe is CVE-2016-2397?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Is CVE-2016-2397 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Sonicwall Analyzer

CVE-2016-2397

The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.050 (89.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Sonicwall Analyzer — versions 7.2, 8.0, 8.1
Sonicwall Global_management_system — versions 7.2, 8.0, 8.1
Sonicwall Uma_em5000
Sonicwall Uma_em5000_firmware — versions 7.2, 8.0, 8.1
N/a — versions n/a

Weakness classification (CWE)

CWE-77 — Command Injection

Public proof-of-concept exploits

PalindromeLabs/Java-Deserialization-CVEs

References

cve@mitre.org (Third Party Advisory, x_refsource_MISC)
1035015 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2016-2397?: CVE-2016-2397 is a critical-severity vulnerability in Sonicwall Analyzer, classified under Command Injection. CVSS score: 9.8/10. Published 2016-02-17.
How severe is CVE-2016-2397?: Critical severity. CVSS v3 base score is 9.8 out of 10.
Is CVE-2016-2397 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.