CVE-2014-8420

EPSS 4.08%
Published 25.11.2014 15:59:04
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Sonicwall ≫ Analyzer Version7.2 Updatesp1

Sonicwall ≫ Global Management System Version7.2 Updatesp1

Sonicwall ≫ Uma Em5000 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	4.08%	0.879

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/bid/71241

Third Party Advisory

VDB Entry

http://www.zerodayinitiative.com/advisories/ZDI-14-385/

Third Party Advisory

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/98911

VDB Entry

https://support.software.dell.com/product-notification/136814

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-8420

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-8420

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-8420

EUVD