Vulnerabilities > Sonicwall > Analyzer > 7.2

DATE CVE VULNERABILITY TITLE RISK
2018-01-14 CVE-2018-5691 Cross-site Scripting vulnerability in Sonicwall Analyzer and Global Management System
SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module.
network
low complexity
sonicwall CWE-79
5.4
2016-02-17 CVE-2016-2397 Command Injection vulnerability in Sonicwall products
The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.
network
low complexity
sonicwall CWE-77
critical
9.8
2016-02-17 CVE-2016-2396 Command Injection vulnerability in Sonicwall products
The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input.
network
low complexity
sonicwall CWE-77
critical
9.9