CVE-2019-7476
26.04.2019, 21:29
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier.Enginsight
| Vendor | Product | Version |
|---|---|---|
| sonicwall | global_management_system | 𝑥 ≤ 8.3 |
| sonicwall | global_management_system | 8.4 |
| sonicwall | global_management_system | 8.6 |
| sonicwall | global_management_system | 8.7 |
| sonicwall | global_management_system | 9.0 |
| sonicwall | global_management_system | 9.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-284 - Improper Access ControlThe software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
- CWE-1188 - Insecure Default Initialization of ResourceThe software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.