SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
References
Link | Resource |
---|---|
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 | Vendor Advisory |
https://www.sonicwall.com/support/notices/230710150218060 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sonicwall
Published: 2023-07-13T01:06:27.492Z
Updated: 2023-07-13T01:06:27.492Z
Reserved: 2023-05-25T22:45:46.851Z
Link: CVE-2023-34130
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-07-13T02:15:09.363
Modified: 2023-07-20T19:18:02.093
Link: CVE-2023-34130
JSON object: View
Redhat Information
No data.
CWE