Vulnerabilities > CVE-2023-34132 - Unspecified vulnerability in Sonicwall Analytics and Global Management System
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
Vulnerable Configurations
References
- http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010
- https://www.sonicwall.com/support/notices/230710150218060
- http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html
- https://www.sonicwall.com/support/notices/230710150218060
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010