SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.
References
| Link | Resource |
|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | Vendor Advisory |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
History
21 Nov 2024, 08:15
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 - Vendor Advisory |
19 Oct 2023, 16:44
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Sonicwall sm 9200
Sonicwall tz470w Sonicwall nsv10 Sonicwall nsa 4650 Sonicwall nsa3700 Sonicwall nssp13700 Sonicwall tz 300p Sonicwall sonicos Sonicwall sm 9650 Sonicwall soho 250w Sonicwall sohow Sonicwall nsv100 Sonicwall tz270w Sonicwall nsa 5600 Sonicwall nsa 2650 Sonicwall sm 9250 Sonicwall tz 300 Sonicwall tz 400 Sonicwall nsa 5650 Sonicwall nsv25 Sonicwall nsa5700 Sonicwall tz 350 Sonicwall tz 500 Sonicwall nsa 3650 Sonicwall tz370w Sonicwall soho 250 Sonicwall tz270 Sonicwall nsa2700 Sonicwall sm 9400 Sonicwall sm 9600 Sonicwall nsv1600 Sonicwall tz670 Sonicwall nsa 4600 Sonicwall nssp10700 Sonicwall tz370 Sonicwall nsv870 Sonicwall tz 600p Sonicwall nsv50 Sonicwall tz570w Sonicwall nsv300 Sonicwall nsv200 Sonicwall nsv400 Sonicwall tz 300w Sonicwall tz 500w Sonicwall nssp15700 Sonicwall nsv470 Sonicwall nsa6700 Sonicwall nsv800 Sonicwall tz470 Sonicwall nsv270 Sonicwall sm 9450 Sonicwall nsa 6650 Sonicwall Sonicwall nsa 2600 Sonicwall tz 600 Sonicwall tz 400w Sonicwall nsa 6600 Sonicwall nssp11700 Sonicwall tz570p Sonicwall tz570 Sonicwall nsa 3600 Sonicwall nsa4700 |
|
| References | (MISC) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 - Vendor Advisory | |
| CPE | cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| CWE | CWE-787 |
17 Oct 2023, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-17 23:15
Updated : 2024-11-21 08:15
NVD link : CVE-2023-39277
Mitre link : CVE-2023-39277
CVE.ORG link : CVE-2023-39277
JSON object : View
Products Affected
sonicwall
- nsa_4650
- nsa_3600
- sonicos
- tz_350
- nsa_2650
- nsv25
- tz370w
- nsv50
- nsa6700
- nssp10700
- nsa_4600
- nsa_3650
- nsa3700
- sm_9450
- tz_300p
- sohow
- nsv870
- nssp15700
- nsv200
- tz270w
- nsv1600
- sm_9650
- soho_250w
- nsa2700
- tz470w
- sm_9400
- tz570
- nsv470
- nsa_2600
- tz_400
- nsa_5650
- nsv100
- tz_300w
- tz370
- nsv300
- sm_9250
- tz_300
- tz570p
- tz_500w
- nsa4700
- tz_500
- sm_9200
- tz570w
- nsa_5600
- sm_9600
- nsa_6650
- tz270
- nssp13700
- nsv400
- nsa_6600
- nssp11700
- tz_600
- soho_250
- tz670
- tz470
- tz_400w
- tz_600p
- nsv270
- nsa5700
- nsv800
- nsv10