CVE-2014-8420

EPSS 4.08%
Veröffentlicht 25.11.2014 15:59:04
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sonicwall ≫ Analyzer Version7.2 Updatesp1

Sonicwall ≫ Global Management System Version7.2 Updatesp1

Sonicwall ≫ Uma Em5000 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	4.08%	0.879

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/bid/71241

Third Party Advisory

VDB Entry

http://www.zerodayinitiative.com/advisories/ZDI-14-385/

Third Party Advisory

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/98911

VDB Entry

https://support.software.dell.com/product-notification/136814

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-8420

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-8420

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-8420

EUVD