CVE-2023-41713
17.10.2023, 23:15
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| sonicwall | sonicos | 𝑥 < 7.0.1-5145 |
| sonicwall | sonicos | 𝑥 < 6.5.4.4-44v-21-2340 |
| sonicwall | sonicos | 𝑥 < 6.5.4.13-105n |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| sonicwall | sonicos | 𝑥 < 7.0.1-5119 | ADP |
| sonicwall | sonicos | 𝑥 < 7.0.1-5129 | ADP |
| sonicwall | sonicos | 𝑥 < 6.5.4.4-44v-21-2079 | ADP |
| sonicwall | sonicos | 𝑥 < 6.5.4.12-101n | ADP |
Common Weakness Enumeration
- CWE-259 - Use of Hard-coded PasswordThe software contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
- CWE-798 - Use of Hard-coded CredentialsThe software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.