Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
global management system vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2019-7476
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and previous versions.
Sonicwall Global Management System 9.1
Sonicwall Global Management System
Sonicwall Global Management System 8.4
Sonicwall Global Management System 8.6
Sonicwall Global Management System 8.7
Sonicwall Global Management System 9.0
9.8
CVSSv3
CVE-2019-7478
A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1.
Sonicwall Global Management System 8.4
Sonicwall Global Management System 8.5
Sonicwall Global Management System 8.6
Sonicwall Global Management System 8.7
Sonicwall Global Management System 9.0
Sonicwall Global Management System 9.1
9.8
CVSSv3
CVE-2022-22280
Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and previous versions versions.
Sonicwall Global Management System
Sonicwall Global Management System 9.3.1
Sonicwall Analytics
9.8
CVSSv3
CVE-2023-34124
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
6.5
CVSSv3
CVE-2023-34125
Path Traversal vulnerability in GMS and Analytics allows an authenticated malicious user to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions vers...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
8.8
CVSSv3
CVE-2023-34126
Vulnerability in SonicWall GMS and Analytics allows an authenticated malicious user to upload files on the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
8.8
CVSSv3
CVE-2023-34127
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authenticated malicious user to execute arbitrary code with root privileges. This issue affects GMS: 9.3.2-SP1 and p...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9.8
CVSSv3
CVE-2023-34128
Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
8.8
CVSSv3
CVE-2023-34129
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in SonicWall GMS and Analytics allows an authenticated remote malicious user to traverse the directory and extract arbitrary files using Zip Slip method to any location on the u...
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
9.8
CVSSv3
CVE-2023-34130
SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and previous versions versions; Analytics: 2.5.0.4-R7 and previous versions versions.
Sonicwall Global Management System
Sonicwall Analytics
Sonicwall Global Management System 9.3.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »