CVE-2018-5691
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
14/01/2018
Last modified:
17/06/2026
Description
SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module.
Impact
Base Score 3.x
5.40
Severity 3.x
MEDIUM
Base Score 2.0
3.50
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:sonicwall:analyzer:*:*:*:*:*:*:*:* | 7.0 (including) | 7.2 (including) |
| cpe:2.3:a:sonicwall:analyzer:*:*:*:*:*:*:*:* | 8.1 (including) | 8.4 (including) |
| cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:* | 7.0 (including) | 7.2 (including) |
| cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:* | 8.1 (including) | 8.4 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/known-issues?ParentProduct=867
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0003
- https://www.vulnerability-lab.com/get_content.php?id=1819
- http://documents.software.dell.com/sonicwall-gms-os/8.2/release-notes/known-issues?ParentProduct=867
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0003
- https://www.vulnerability-lab.com/get_content.php?id=1819



