Sonicwall Analytics
15 CVEs affecting Sonicwall Analytics. Latest disclosed: 2023-07-13. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-34137 | | 2023-07-13 | SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerabil… | |
CVE-2023-34136 | | 2023-07-13 | Vulnerability in SonicWall GMS and Analytics allows unauthenticated attacker to upload files to a restricted location not controlled by the attacker. This issu… | |
CVE-2023-34135 | | 2023-07-13 | Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated attacker to read arbitrary files from the underlying file system via… | |
CVE-2023-34134 | | 2023-07-13 | Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics allows authenticated attacker to read administrator pas… | |
CVE-2023-34133 | | 2023-07-13 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated att… | |
CVE-2023-34132 | | 2023-07-13 | Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS… | |
CVE-2023-34131 | | 2023-07-13 | Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated attacker to access restricte… | |
CVE-2023-34130 | | 2023-07-13 | SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and… | |
CVE-2023-34129 | | 2023-07-13 | Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in SonicWall GMS and Analytics allows an authenticated remote atta… | |
CVE-2023-34128 | | 2023-07-13 | Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analyti… | |
CVE-2023-34127 | | 2023-07-13 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authe… | |
CVE-2023-34126 | | 2023-07-13 | Vulnerability in SonicWall GMS and Analytics allows an authenticated attacker to upload files on the underlying filesystem with root privileges. This issue aff… | |
CVE-2023-34125 | | 2023-07-13 | Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges… | |
CVE-2023-34124 | | 2023-07-13 | The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2… | |
CVE-2023-34123 | | 2023-07-12 | Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5… |