Vulnerability Description
An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sonicwall | Analyzer | 7.0 |
| Sonicwall | Global Management System | 4.1 |
| Sonicwall | Universal Management Appliance | 5.1 |
| Sonicwall | Viewpoint | 4.1 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.htmlBroken Link
- http://www.exploit-db.com/exploits/24203ExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/57446Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1028007Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/81366Third Party AdvisoryVDB Entry
- https://packetstormsecurity.com/files/cve/CVE-2013-1360Third Party AdvisoryVDB Entry
- http://archives.neohapsis.com/archives/bugtraq/2013-01/0075.htmlBroken Link
- http://www.exploit-db.com/exploits/24203ExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/57446Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1028007Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/81366Third Party AdvisoryVDB Entry
- https://packetstormsecurity.com/files/cve/CVE-2013-1360Third Party AdvisoryVDB Entry
FAQ
What is CVE-2013-1360?
CVE-2013-1360 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and Vie...
How severe is CVE-2013-1360?
CVE-2013-1360 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2013-1360?
Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Analyzer, Sonicwall Global Management System, Sonicwall Universal Management Appliance, Sonicwall Viewpoint.