Vulnerability Description
Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sonicwall | Global Management System | 7.0 |
| Sonicwall | Uma E5000 | - |
| Sonicwall | Analyzer | 7.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/103216Broken Link
- http://www.kb.cert.org/vuls/id/727318Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/65498Third Party AdvisoryVDB Entry
- http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91062VDB Entry
- http://osvdb.org/103216Broken Link
- http://www.kb.cert.org/vuls/id/727318Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/65498Third Party AdvisoryVDB Entry
- http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91062VDB Entry
FAQ
What is CVE-2014-0332?
CVE-2014-0332 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inj...
How severe is CVE-2014-0332?
CVE-2014-0332 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0332?
Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Global Management System, Sonicwall Uma E5000, Sonicwall Analyzer.