CVE-2023-39278
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
17/10/2023
Last modified:
19/10/2023
Description
SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash.<br />
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* | 7.0.1-5145 (excluding) | |
| cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page