Vulnerabilities > CVE-2023-39276 - Out-of-bounds Write vulnerability in Sonicwall Sonicos

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

sonicwall

CWE-787

NVD

Published: 2023-10-17

Updated: 2023-10-19

Summary

SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash.

Vulnerable Configurations

Part	Description	Count
OS	Sonicwall Sonicwall Sonicos - Sonicwall Sonicos 5.0.0.0 Sonicwall Sonicos 5.0.0.6 Sonicwall Sonicos 5.0.0.8 Sonicwall Sonicos 5.0.0.13 Sonicwall Sonicos 5.8.0.0 Sonicwall Sonicos 5.8.0.2 Sonicwall Sonicos 5.8.1.5 Sonicwall Sonicos 5.8.1.10 Sonicwall Sonicos 5.9.0.0 Sonicwall Sonicos 5.9.0.7 Sonicwall Sonicos 5.9.1.0 Sonicwall Sonicos 5.9.1.10 Sonicwall Sonicos 5.9.1.12 Sonicwall Sonicos 5.9.1.12-4O Sonicwall Sonicos 5.9.1.13 Sonicwall Sonicos 6.0.0.0 Sonicwall Sonicos 6.0.5.3 Sonicwall Sonicos 6.0.5.3-86O Sonicwall Sonicos 6.0.5.3-94O Sonicwall Sonicos 6.1.2.0 Sonicwall Sonicos 6.2.0.0 Sonicwall Sonicos 6.2.0.1 Sonicwall Sonicos 6.2.1.0 Sonicwall Sonicos 6.2.2.0 Sonicwall Sonicos 6.2.3.1 Sonicwall Sonicos 6.2.4.0 Sonicwall Sonicos 6.2.4.3 Sonicwall Sonicos 6.2.5.0 Sonicwall Sonicos 6.2.5.3 Sonicwall Sonicos 6.2.6.0 Sonicwall Sonicos 6.2.6.1 Sonicwall Sonicos 6.2.7.0 Sonicwall Sonicos 6.2.7.1 Sonicwall Sonicos 6.2.7.3 Sonicwall Sonicos 6.2.7.4 Sonicwall Sonicos 6.2.7.4-32N Sonicwall Sonicos 6.2.7.5 Sonicwall Sonicos 6.2.7.7 Sonicwall Sonicos 6.2.7.8 Sonicwall Sonicos 6.2.7.10-3N Sonicwall Sonicos 6.2.9.0 Sonicwall Sonicos 6.2.9.1 Sonicwall Sonicos 6.2.9.2 Sonicwall Sonicos 6.4.0.0 Sonicwall Sonicos 6.4.1.0-3N Sonicwall Sonicos 6.5.0.0 Sonicwall Sonicos 6.5.0.3 Sonicwall Sonicos 6.5.1.0 Sonicwall Sonicos 6.5.1.3 Sonicwall Sonicos 6.5.1.4 Sonicwall Sonicos 6.5.1.4-4N Sonicwall Sonicos 6.5.1.5 Sonicwall Sonicos 6.5.1.8 Sonicwall Sonicos 6.5.1.9-4N Sonicwall Sonicos 6.5.1.11 Sonicwall Sonicos 6.5.1.12-3N Sonicwall Sonicos 6.5.2.0 Sonicwall Sonicos 6.5.2.1 Sonicwall Sonicos 6.5.2.2 Sonicwall Sonicos 6.5.2.3 Sonicwall Sonicos 6.5.2.3-4N Sonicwall Sonicos 6.5.3.0 Sonicwall Sonicos 6.5.3.1 Sonicwall Sonicos 6.5.3.3 Sonicwall Sonicos 6.5.3.3-3N Sonicwall Sonicos 6.5.4.0 Sonicwall Sonicos 6.5.4.0. Sonicwall Sonicos 6.5.4.3 Sonicwall Sonicos 6.5.4.4 Sonicwall Sonicos 6.5.4.4-44N Sonicwall Sonicos 6.5.4.4-44V-21-1551 Sonicwall Sonicos 6.5.4.4-44V-21-2340 Sonicwall Sonicos 6.5.4.5 Sonicwall Sonicos 6.5.4.6-79N Sonicwall Sonicos 6.5.4.7 Sonicwall Sonicos 6.5.4.7-83N Sonicwall Sonicos 6.5.4.11-97N Sonicwall Sonicos 6.5.4.13-105N Sonicwall Sonicos 7.0.0.0 Sonicwall Sonicos 7.0.1 Sonicwall Sonicos 7.0.1-5019 Sonicwall Sonicos 7.0.1-5023 Sonicwall Sonicos 7.0.1-5026 Sonicwall Sonicos 7.0.1-5030 Sonicwall Sonicos 7.0.1-5030-R945 Sonicwall Sonicos 7.0.1-5030-R2007 Sonicwall Sonicos 7.0.1-5052 Sonicwall Sonicos 7.0.1-5054 Sonicwall Sonicos 7.0.1-5065 Sonicwall Sonicos 7.0.1-5072 Sonicwall Sonicos 7.0.1-5080 Sonicwall Sonicos 7.0.1-5083 Sonicwall Sonicos 7.0.1-5095 Sonicwall Sonicos 7.0.1-5100 Sonicwall Sonicos 7.0.1-5111 Sonicwall Sonicos 7.0.1-5119 Sonicwall Sonicos 7.0.1-5129	100
Hardware	Sonicwall Sonicwall Nsa2700 - Sonicwall Nsa3700 - Sonicwall Nsa4700 - Sonicwall Nsa5700 - Sonicwall Nsa6700 - Sonicwall Nssp10700 - Sonicwall Nssp11700 - Sonicwall Nssp13700 - Sonicwall Nssp15700 - Sonicwall Nsv10 - Sonicwall Nsv100 - Sonicwall Nsv1600 - Sonicwall Nsv200 - Sonicwall Nsv25 - Sonicwall Nsv270 - Sonicwall Nsv300 - Sonicwall Nsv400 - Sonicwall Nsv470 - Sonicwall Nsv50 - Sonicwall Nsv800 - Sonicwall Nsv870 - Sonicwall Tz270 - Sonicwall Tz270W - Sonicwall Tz370 - Sonicwall Tz370W - Sonicwall Tz470 - Sonicwall Tz470W - Sonicwall Tz570 - Sonicwall Tz570P - Sonicwall Tz570W - Sonicwall Tz670 - Sonicwall NSA 2600 - Sonicwall NSA 2650 - Sonicwall NSA 3600 - Sonicwall NSA 3650 - Sonicwall NSA 4600 - Sonicwall NSA 4650 - Sonicwall NSA 5600 - Sonicwall NSA 5650 - Sonicwall NSA 6600 - Sonicwall NSA 6650 - Sonicwall SM 9200 - Sonicwall SM 9250 - Sonicwall SM 9400 - Sonicwall SM 9450 - Sonicwall SM 9600 - Sonicwall SM 9650 - Sonicwall Soho 250 - Sonicwall Soho 250W - Sonicwall Sohow - Sonicwall TZ 300 - Sonicwall TZ 300P - Sonicwall TZ 300W - Sonicwall TZ 350 - Sonicwall TZ 400 - Sonicwall TZ 400W - Sonicwall TZ 500 - Sonicwall TZ 500W - Sonicwall TZ 600 - Sonicwall TZ 600P -	60

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012