Vulnerability Description
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sonicwall | Uma Em5000 Firmware | <= 7.2 |
| Sonicwall | Uma Em5000 | - |
| Sonicwall | Analyzer | <= 7.2 |
| Sonicwall | Global Management System | <= 7.2 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/74756
- http://www.securitytracker.com/id/1032373
- http://www.zerodayinitiative.com/advisories/ZDI-15-231/
- https://support.software.dell.com/product-notification/152178
- http://www.securityfocus.com/bid/74756
- http://www.securitytracker.com/id/1032373
- http://www.zerodayinitiative.com/advisories/ZDI-15-231/
- https://support.software.dell.com/product-notification/152178
FAQ
What is CVE-2015-3990?
CVE-2015-3990 is a vulnerability with a CVSS score of 9.0 (HIGH). The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configur...
How severe is CVE-2015-3990?
CVE-2015-3990 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-3990?
Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Uma Em5000 Firmware, Sonicwall Uma Em5000, Sonicwall Analyzer, Sonicwall Global Management System.