SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash.
References
| Link | Resource |
|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
History
19 Oct 2023, 16:44
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Sonicwall tz 300p
Sonicwall nsv50 Sonicwall tz 400w Sonicwall nsa 2650 Sonicwall nsv270 Sonicwall nsa 3600 Sonicwall sonicos Sonicwall nsa 4650 Sonicwall nsa6700 Sonicwall nssp10700 Sonicwall tz 500w Sonicwall nsv470 Sonicwall nsa 5600 Sonicwall nsa2700 Sonicwall tz 400 Sonicwall tz270w Sonicwall nsv25 Sonicwall nsv400 Sonicwall nsv200 Sonicwall nsv1600 Sonicwall nsv800 Sonicwall nsv870 Sonicwall nsa4700 Sonicwall nsa 2600 Sonicwall nssp13700 Sonicwall nsa5700 Sonicwall tz570p Sonicwall tz370w Sonicwall nssp11700 Sonicwall nsa 4600 Sonicwall Sonicwall nsa 5650 Sonicwall sm 9650 Sonicwall nsa 6650 Sonicwall tz270 Sonicwall nssp15700 Sonicwall tz670 Sonicwall sohow Sonicwall tz470w Sonicwall tz570 Sonicwall nsv100 Sonicwall tz 600p Sonicwall tz 350 Sonicwall nsv300 Sonicwall sm 9450 Sonicwall soho 250 Sonicwall tz 300 Sonicwall soho 250w Sonicwall nsv10 Sonicwall sm 9400 Sonicwall sm 9600 Sonicwall sm 9200 Sonicwall tz370 Sonicwall tz 500 Sonicwall tz 300w Sonicwall tz470 Sonicwall nsa3700 Sonicwall tz 600 Sonicwall tz570w Sonicwall nsa 3650 Sonicwall sm 9250 Sonicwall nsa 6600 |
|
| CWE | CWE-787 | |
| References | (MISC) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| CPE | cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:* |
18 Oct 2023, 01:28
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-17 23:15
Updated : 2023-10-19 16:44
NVD link : CVE-2023-39279
Mitre link : CVE-2023-39279
JSON object : View
Products Affected
sonicwall
- tz670
- sohow
- nsv25
- tz470w
- nsa_5650
- tz_300p
- tz_400
- nsv10
- tz_400w
- tz_500w
- tz_600
- sm_9250
- soho_250w
- nsv50
- tz570
- nsa_4600
- nssp13700
- nsa3700
- nsv800
- nssp15700
- tz570p
- sm_9450
- nsa4700
- nsa2700
- nsv300
- tz270
- sm_9650
- nsa6700
- sm_9600
- tz_350
- tz_500
- nsa_2600
- nsa_6600
- sm_9200
- nssp11700
- tz370w
- sm_9400
- tz_300
- nssp10700
- tz270w
- nsv870
- nsv1600
- tz570w
- tz470
- nsa_3600
- nsv100
- nsv400
- nsa_5600
- nsa_3650
- tz_600p
- nsa_4650
- soho_250
- nsv200
- nsa_2650
- tz_300w
- nsv270
- nsa_6650
- nsv470
- nsa5700
- tz370
- sonicos
CWE
CWE-787
Out-of-bounds Write