Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonicwall global management system 9.3.2 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-34130
SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
5.3
CVSSv3
CVE-2023-34131
Exposure of sensitive information to an unauthorized actor vulnerability in SonicWall GMS and Analytics enables an unauthenticated malicious user to access restricted web pages. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous v...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9.8
CVSSv3
CVE-2023-34132
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
6.5
CVSSv3
CVE-2023-34125
Path Traversal vulnerability in GMS and Analytics allows an authenticated malicious user to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions vers...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
8.8
CVSSv3
CVE-2023-34126
Vulnerability in SonicWall GMS and Analytics allows an authenticated malicious user to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9.8
CVSSv3
CVE-2023-34128
Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
7.5
CVSSv3
CVE-2023-34133
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated malicious user to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 a...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
6.5
CVSSv3
CVE-2023-34135
Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated malicious user to read arbitrary files from the underlying file system via web service. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous v...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9.8
CVSSv3
CVE-2023-34136
Vulnerability in SonicWall GMS and Analytics allows unauthenticated malicious user to upload files to a restricted location not controlled by the attacker. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9.8
CVSSv3
CVE-2023-34137
SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versio...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »