sonicwall sonicosv Security Vulnerabilities

4 Vulnerabilities

Description
A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). Impacted versions: 6.5.0.2.8v_rc366, 6.5.0.2.8v_rc368, 6.5.0.2-8v_rc363, 6.5.0.2.8v_rc367 Base Score: 5.0, Severity: MEDIUM, ID: CVE-2019-7477, Last Modified: 2019-10-09T23:52:00Z References Vendor Advisory
A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). Impacted versions: 6.5.0.2-8v_rc363, 6.5.0.2.8v_rc368, 6.5.0.2.8v_rc366, 6.5.0.2.8v_rc367 Base Score: 7.5, Severity: HIGH, ID: CVE-2019-7475, Last Modified: 2019-10-09T23:52:00Z References Vendor Advisory
A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). Impacted versions: 6.5.0.2.8v_rc368, 6.5.0.2.8v_rc367, 6.5.0.2-8v_rc363, 6.5.0.2.8v_rc366 Base Score: 4.0, Severity: MEDIUM, ID: CVE-2019-7474, Last Modified: 2019-10-09T23:52:00Z References Vendor Advisory
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. Impacted versions: - Base Score: 4.9, Severity: MEDIUM, ID: CVE-2018-3639, Last Modified: 2019-05-23T15:29:00Z References Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Broken Link Exploit Exploit Exploit Exploit Patch Patch Patch Patch Third Party Advisory Third Party Advisory Mailing List Mailing List Mailing List Mailing List Mailing List Mailing List Third Party Advisory Third Party Advisory Patch Patch Patch Third Party Advisory Third Party Advisory Third Party Advisory Mitigation Mitigation Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Exploit Exploit Exploit Third Party Advisory Third Party Advisory Third Party Advisory Third Party Advisory Patch Patch Third Party Advisory Third Party Advisory Third Party Advisory

Description

A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

Impacted versions: 6.5.0.2.8v_rc366, 6.5.0.2.8v_rc368, 6.5.0.2-8v_rc363, 6.5.0.2.8v_rc367

Base Score: 5.0, Severity: MEDIUM, ID: CVE-2019-7477, Last Modified: 2019-10-09T23:52:00Z

References

Vendor Advisory

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

Impacted versions: 6.5.0.2-8v_rc363, 6.5.0.2.8v_rc368, 6.5.0.2.8v_rc366, 6.5.0.2.8v_rc367

Base Score: 7.5, Severity: HIGH, ID: CVE-2019-7475, Last Modified: 2019-10-09T23:52:00Z

References

Vendor Advisory

A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

Impacted versions: 6.5.0.2.8v_rc368, 6.5.0.2.8v_rc367, 6.5.0.2-8v_rc363, 6.5.0.2.8v_rc366

Base Score: 4.0, Severity: MEDIUM, ID: CVE-2019-7474, Last Modified: 2019-10-09T23:52:00Z

References

Vendor Advisory

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Impacted versions: -

Base Score: 4.9, Severity: MEDIUM, ID: CVE-2018-3639, Last Modified: 2019-05-23T15:29:00Z

References

USAGE: Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.