Rapid7 Vulnerability & Exploit Database

SonicWall SonicOS: SNWLID-2019-0009: Sonicwall FireWall - Management Vulnerabilities

Back to Search

SonicWall SonicOS: SNWLID-2019-0009: Sonicwall FireWall - Management Vulnerabilities

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
07/29/2019
Created
10/12/2019
Added
10/11/2019
Modified
10/29/2020

Description

SonicWall physical firewall appliances running certain versions of SonicOS contain vulnerabilities in code utilized for remote management. At this time, there is no indication that the discovered vulnerabilities are being exploited in the wild, however: SonicWall STRONGLY advises to apply the SonicOS patch immediately. IF you cannot update immediately, as a mitigation please restrict SonicWall management access (HTTPS/HTTP/SSH) to trusted sources and/or disable management access from untrusted Internet sources, then apply the SonicOS patch as soon as possible. Note: SonicWall will communicate future updates via this Security Advisory and SonicWall PSIRT Advisory SNWLID-2019-0009. This is also known as Urgent/11.

Solution(s)

  • sonicwall-sonicos-snwlid-2019-0009-5-9-0-8
  • sonicwall-sonicos-snwlid-2019-0009-5-9-1-13
  • sonicwall-sonicos-snwlid-2019-0009-6-2-3-2
  • sonicwall-sonicos-snwlid-2019-0009-6-2-4-4
  • sonicwall-sonicos-snwlid-2019-0009-6-2-5-4
  • sonicwall-sonicos-snwlid-2019-0009-6-2-6-2
  • sonicwall-sonicos-snwlid-2019-0009-6-2-7-5
  • sonicwall-sonicos-snwlid-2019-0009-6-2-9-3
  • sonicwall-sonicos-snwlid-2019-0009-6-5-0-4
  • sonicwall-sonicos-snwlid-2019-0009-6-5-1-5
  • sonicwall-sonicos-snwlid-2019-0009-6-5-2-4
  • sonicwall-sonicos-snwlid-2019-0009-6-5-3-4
  • sonicwall-sonicos-snwlid-2019-0009-6-5-4-4
  • sonicwall-sonicos-snwlid-2019-0009-6-2-7-11
  • sonicwall-sonicos-snwlid-2019-0009-6-4-1-1
  • sonicwall-sonicos-snwlid-2019-0009-6-5-1-10

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;