6.5
CVE-2023-39276
- EPSS 0.48%
- Veröffentlicht 17.10.2023 23:15:11
- Zuletzt bearbeitet 21.11.2024 08:15:02
- Quelle PSIRT@sonicwall.com
- Teams Watchlist Login
- Unerledigt Login
SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sonicwall ≫ Sonicos Version < 7.0.1-5145
Sonicwall ≫ Nsa2700 Version-
Sonicwall ≫ Nsa3700 Version-
Sonicwall ≫ Nsa4700 Version-
Sonicwall ≫ Nsa5700 Version-
Sonicwall ≫ Nsa6700 Version-
Sonicwall ≫ Nssp10700 Version-
Sonicwall ≫ Nssp11700 Version-
Sonicwall ≫ Nssp13700 Version-
Sonicwall ≫ Nssp15700 Version-
Sonicwall ≫ Nsv10 Version-
Sonicwall ≫ Nsv100 Version-
Sonicwall ≫ Nsv1600 Version-
Sonicwall ≫ Nsv200 Version-
Sonicwall ≫ Nsv25 Version-
Sonicwall ≫ Nsv270 Version-
Sonicwall ≫ Nsv300 Version-
Sonicwall ≫ Nsv400 Version-
Sonicwall ≫ Nsv470 Version-
Sonicwall ≫ Nsv50 Version-
Sonicwall ≫ Nsv800 Version-
Sonicwall ≫ Nsv870 Version-
Sonicwall ≫ Tz270 Version-
Sonicwall ≫ Tz270w Version-
Sonicwall ≫ Tz370 Version-
Sonicwall ≫ Tz370w Version-
Sonicwall ≫ Tz470 Version-
Sonicwall ≫ Tz470w Version-
Sonicwall ≫ Tz570 Version-
Sonicwall ≫ Tz570p Version-
Sonicwall ≫ Tz570w Version-
Sonicwall ≫ Tz670 Version-
Sonicwall ≫ Nsa3700 Version-
Sonicwall ≫ Nsa4700 Version-
Sonicwall ≫ Nsa5700 Version-
Sonicwall ≫ Nsa6700 Version-
Sonicwall ≫ Nssp10700 Version-
Sonicwall ≫ Nssp11700 Version-
Sonicwall ≫ Nssp13700 Version-
Sonicwall ≫ Nssp15700 Version-
Sonicwall ≫ Nsv10 Version-
Sonicwall ≫ Nsv100 Version-
Sonicwall ≫ Nsv1600 Version-
Sonicwall ≫ Nsv200 Version-
Sonicwall ≫ Nsv25 Version-
Sonicwall ≫ Nsv270 Version-
Sonicwall ≫ Nsv300 Version-
Sonicwall ≫ Nsv400 Version-
Sonicwall ≫ Nsv470 Version-
Sonicwall ≫ Nsv50 Version-
Sonicwall ≫ Nsv800 Version-
Sonicwall ≫ Nsv870 Version-
Sonicwall ≫ Tz270 Version-
Sonicwall ≫ Tz270w Version-
Sonicwall ≫ Tz370 Version-
Sonicwall ≫ Tz370w Version-
Sonicwall ≫ Tz470 Version-
Sonicwall ≫ Tz470w Version-
Sonicwall ≫ Tz570 Version-
Sonicwall ≫ Tz570p Version-
Sonicwall ≫ Tz570w Version-
Sonicwall ≫ Tz670 Version-
Sonicwall ≫ Sonicos Version < 6.5.4.4-44v-21-2340
Sonicwall ≫ Nsv10 Version-
Sonicwall ≫ Nsv100 Version-
Sonicwall ≫ Nsv1600 Version-
Sonicwall ≫ Nsv200 Version-
Sonicwall ≫ Nsv25 Version-
Sonicwall ≫ Nsv270 Version-
Sonicwall ≫ Nsv300 Version-
Sonicwall ≫ Nsv400 Version-
Sonicwall ≫ Nsv470 Version-
Sonicwall ≫ Nsv50 Version-
Sonicwall ≫ Nsv800 Version-
Sonicwall ≫ Nsv870 Version-
Sonicwall ≫ Nsv100 Version-
Sonicwall ≫ Nsv1600 Version-
Sonicwall ≫ Nsv200 Version-
Sonicwall ≫ Nsv25 Version-
Sonicwall ≫ Nsv270 Version-
Sonicwall ≫ Nsv300 Version-
Sonicwall ≫ Nsv400 Version-
Sonicwall ≫ Nsv470 Version-
Sonicwall ≫ Nsv50 Version-
Sonicwall ≫ Nsv800 Version-
Sonicwall ≫ Nsv870 Version-
Sonicwall ≫ Sonicos Version < 6.5.4.13-105n
Sonicwall ≫ Nsa 2600 Version-
Sonicwall ≫ Nsa 2650 Version-
Sonicwall ≫ Nsa 3600 Version-
Sonicwall ≫ Nsa 3650 Version-
Sonicwall ≫ Nsa 4600 Version-
Sonicwall ≫ Nsa 4650 Version-
Sonicwall ≫ Nsa 5600 Version-
Sonicwall ≫ Nsa 5650 Version-
Sonicwall ≫ Nsa 6600 Version-
Sonicwall ≫ Nsa 6650 Version-
Sonicwall ≫ Sm 9200 Version-
Sonicwall ≫ Sm 9250 Version-
Sonicwall ≫ Sm 9400 Version-
Sonicwall ≫ Sm 9450 Version-
Sonicwall ≫ Sm 9600 Version-
Sonicwall ≫ Sm 9650 Version-
Sonicwall ≫ Soho 250 Version-
Sonicwall ≫ Soho 250w Version-
Sonicwall ≫ Sohow Version-
Sonicwall ≫ Tz 300 Version-
Sonicwall ≫ Tz 300p Version-
Sonicwall ≫ Tz 300w Version-
Sonicwall ≫ Tz 350 Version-
Sonicwall ≫ Tz 400 Version-
Sonicwall ≫ Tz 400w Version-
Sonicwall ≫ Tz 500 Version-
Sonicwall ≫ Tz 500w Version-
Sonicwall ≫ Tz 600 Version-
Sonicwall ≫ Tz 600p Version-
Sonicwall ≫ Nsa 2650 Version-
Sonicwall ≫ Nsa 3600 Version-
Sonicwall ≫ Nsa 3650 Version-
Sonicwall ≫ Nsa 4600 Version-
Sonicwall ≫ Nsa 4650 Version-
Sonicwall ≫ Nsa 5600 Version-
Sonicwall ≫ Nsa 5650 Version-
Sonicwall ≫ Nsa 6600 Version-
Sonicwall ≫ Nsa 6650 Version-
Sonicwall ≫ Sm 9200 Version-
Sonicwall ≫ Sm 9250 Version-
Sonicwall ≫ Sm 9400 Version-
Sonicwall ≫ Sm 9450 Version-
Sonicwall ≫ Sm 9600 Version-
Sonicwall ≫ Sm 9650 Version-
Sonicwall ≫ Soho 250 Version-
Sonicwall ≫ Soho 250w Version-
Sonicwall ≫ Sohow Version-
Sonicwall ≫ Tz 300 Version-
Sonicwall ≫ Tz 300p Version-
Sonicwall ≫ Tz 300w Version-
Sonicwall ≫ Tz 350 Version-
Sonicwall ≫ Tz 400 Version-
Sonicwall ≫ Tz 400w Version-
Sonicwall ≫ Tz 500 Version-
Sonicwall ≫ Tz 500w Version-
Sonicwall ≫ Tz 600 Version-
Sonicwall ≫ Tz 600p Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.48% | 0.645 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-121 Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.