Vulnerabilites related to sonicwall - tz_350w
Vulnerability from fkie_nvd
Published
2024-08-23 07:15
Modified
2024-09-16 19:48
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Summary
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
References
PSIRT@sonicwall.comhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015Vendor Advisory
Impacted products
Vendor Product Version
sonicwall sonicos *
sonicwall soho -
sonicwall sonicos *
sonicwall nssp_12400 -
sonicwall nssp_12800 -
sonicwall sm9800 -
sonicwall sonicos *
sonicwall nsa_2650 -
sonicwall nsa_3600 -
sonicwall nsa_3650 -
sonicwall nsa_4600 -
sonicwall nsa_4650 -
sonicwall nsa_5600 -
sonicwall nsa_5650 -
sonicwall nsa_6600 -
sonicwall nsa_6650 -
sonicwall sm_9200 -
sonicwall sm_9250 -
sonicwall sm_9400 -
sonicwall sm_9450 -
sonicwall sm_9600 -
sonicwall sm_9650 -
sonicwall soho_250 -
sonicwall soho_250w -
sonicwall sohow -
sonicwall tz_300 -
sonicwall tz_300p -
sonicwall tz_300w -
sonicwall tz_350 -
sonicwall tz_350w -
sonicwall tz_400 -
sonicwall tz_400w -
sonicwall tz_500 -
sonicwall tz_500w -
sonicwall tz_600 -
sonicwall tz_600p -
sonicwall sonicos *
sonicwall nsa_2700 -
sonicwall nsa_3700 -
sonicwall nsa_4700 -
sonicwall nsa_5700 -
sonicwall nsa_6700 -
sonicwall nssp_10700 -
sonicwall nssp_11700 -
sonicwall nssp_13700 -
sonicwall tz270 -
sonicwall tz270w -
sonicwall tz370 -
sonicwall tz370w -
sonicwall tz470 -
sonicwall tz470w -
sonicwall tz570 -
sonicwall tz570p -
sonicwall tz570w -
sonicwall tz670 -


To clipboard 

{
  "cisaActionDue": "2024-09-30",
  "cisaExploitAdd": "2024-09-09",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "SonicWall SonicOS Improper Access Control Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37E20C47-F8DA-4313-B9AD-C63CEA9D42C5",
              "versionEndExcluding": "5.9.2.14-13o",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sonicwall:soho:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6B6B3FD-428E-4D6C-8C45-172CF4FB430D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B16D102-B2BA-4F94-A42F-B8EB2E697907",
              "versionEndExcluding": "6.5.2.8-2n",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F22AB1-044C-45F1-BD33-82BB46402363",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E62EAD79-2CD4-4479-B26A-A0C97B5B241A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCBF16D6-4C60-440D-95AB-986ABC4F9100",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAFD6E22-8E19-4B5A-85DE-7850FE0AE7CF",
              "versionEndExcluding": "6.5.4.15.116n",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_350w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF991212-3F2C-4F54-B96C-C33F500DB77B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34814AB8-5F1D-44B4-B53B-FC4FA794DDAA",
              "versionEndIncluding": "7.0.1-5035",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad de control de acceso inadecuado en el acceso de administraci\u00f3n de SonicWall SonicOS, que potencialmente conduce a un acceso no autorizado a recursos y, en condiciones espec\u00edficas, provoca que el firewall falle. Este problema afecta a los dispositivos SonicWall Firewall Gen 5 y Gen 6, as\u00ed como a los dispositivos Gen 7 que ejecutan SonicOS 7.0.1-5035 y versiones anteriores."
    }
  ],
  "id": "CVE-2024-40766",
  "lastModified": "2024-09-16T19:48:30.827",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 9.3,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.7,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-08-23T07:15:03.643",
  "references": [
    {
      "source": "PSIRT@sonicwall.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015"
    }
  ],
  "sourceIdentifier": "PSIRT@sonicwall.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "PSIRT@sonicwall.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2024-40766
Vulnerability from cvelistv5
Published
2024-08-23 06:19
Modified
2024-09-09 16:20
Severity ?
9.3 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Summary
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
References
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015vendor-advisory
Impacted products
Vendor Product Version
SonicWall SonicOS Version: 5.9.2.14-12o and older versions
Version: 6.5.4.14-109n and older versions
Version: 7.0.1-5035 and older versions
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sonicos",
            "vendor": "sonicwall",
            "versions": [
              {
                "lessThanOrEqual": "5.9.2.14-12o",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.5.4.14-109n",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "7.0.1-5035",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 9.3,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-40766",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-09T14:11:51.602153Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-09-09",
                "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-09T16:20:22.681Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2024-09-09T00:00:00+00:00",
            "value": "CVE-2024-40766 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "platforms": [
            "Gen5",
            "Gen6",
            "Gen7"
          ],
          "product": "SonicOS",
          "vendor": "SonicWall",
          "versions": [
            {
              "status": "affected",
              "version": "5.9.2.14-12o and older versions"
            },
            {
              "status": "affected",
              "version": "6.5.4.14-109n and older versions"
            },
            {
              "status": "affected",
              "version": "7.0.1-5035 and older versions"
            }
          ]
        }
      ],
      "datePublic": "2024-08-23T06:13:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions."
            }
          ],
          "value": "An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284 Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-23T06:19:07.229Z",
        "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
        "shortName": "sonicwall"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0015"
        }
      ],
      "source": {
        "advisory": "SNWLID-2024-0015",
        "discovery": "INTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
    "assignerShortName": "sonicwall",
    "cveId": "CVE-2024-40766",
    "datePublished": "2024-08-23T06:19:07.229Z",
    "dateReserved": "2024-07-10T15:58:49.462Z",
    "dateUpdated": "2024-09-09T16:20:22.681Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}