CVE-2023-39280 - OpenCVE

SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Sonicwall	Tz370w Nsa 4600 Nsv800 Nsa 3650 Nsv1600 Tz 500w Nsa 4650 Nsa 5650 Tz 500 Tz 300p Nsa4700 Tz570 Nssp10700 Tz270 Nsa 6600 Tz370 Nsa6700 Tz 600 Tz 350 Nssp11700 Tz670 Sm 9650 Nsa2700 Nsa3700 Tz 400w Nsv400 Nsa 6650 Nsv300 Nsa 2600 Nssp13700 Soho 250 Tz570p Sm 9600 Nsv270 Tz470 Nsa 5600 Tz 400 Sonicos Nsv470 Nsv25 Sm 9400 Sm 9250 Sm 9450 Sm 9200 Nsv50 Soho 250w Nsv870 Nsa 2650 Nsv100 Tz270w Tz570w Sohow Tz 300 Tz 600p Nsa 3600 Nssp15700 Tz 300w Nsa5700 Nsv10 Nsv200 Tz470w

Configuration 1 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsa2700:-:::::::*
	cpe:2.3:h:sonicwall:nsa3700:-:::::::*
	cpe:2.3:h:sonicwall:nsa4700:-:::::::*
	cpe:2.3:h:sonicwall:nsa5700:-:::::::*
	cpe:2.3:h:sonicwall:nsa6700:-:::::::*
	cpe:2.3:h:sonicwall:nssp10700:-:::::::*
	cpe:2.3:h:sonicwall:nssp11700:-:::::::*
	cpe:2.3:h:sonicwall:nssp13700:-:::::::*
	cpe:2.3:h:sonicwall:nssp15700:-:::::::*
	cpe:2.3:h:sonicwall:nsv10:-:::::::*
	cpe:2.3:h:sonicwall:nsv100:-:::::::*
	cpe:2.3:h:sonicwall:nsv1600:-:::::::*
	cpe:2.3:h:sonicwall:nsv200:-:::::::*
	cpe:2.3:h:sonicwall:nsv25:-:::::::*
	cpe:2.3:h:sonicwall:nsv270:-:::::::*
	cpe:2.3:h:sonicwall:nsv300:-:::::::*
	cpe:2.3:h:sonicwall:nsv400:-:::::::*
	cpe:2.3:h:sonicwall:nsv470:-:::::::*
	cpe:2.3:h:sonicwall:nsv50:-:::::::*
	cpe:2.3:h:sonicwall:nsv800:-:::::::*
	cpe:2.3:h:sonicwall:nsv870:-:::::::*
	cpe:2.3:h:sonicwall:tz270:-:::::::*
	cpe:2.3:h:sonicwall:tz270w:-:::::::*
	cpe:2.3:h:sonicwall:tz370:-:::::::*
	cpe:2.3:h:sonicwall:tz370w:-:::::::*
	cpe:2.3:h:sonicwall:tz470:-:::::::*
	cpe:2.3:h:sonicwall:tz470w:-:::::::*
	cpe:2.3:h:sonicwall:tz570:-:::::::*
	cpe:2.3:h:sonicwall:tz570p:-:::::::*
	cpe:2.3:h:sonicwall:tz570w:-:::::::*
	cpe:2.3:h:sonicwall:tz670:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsv10:-:::::::*
	cpe:2.3:h:sonicwall:nsv100:-:::::::*
	cpe:2.3:h:sonicwall:nsv1600:-:::::::*
	cpe:2.3:h:sonicwall:nsv200:-:::::::*
	cpe:2.3:h:sonicwall:nsv25:-:::::::*
	cpe:2.3:h:sonicwall:nsv270:-:::::::*
	cpe:2.3:h:sonicwall:nsv300:-:::::::*
	cpe:2.3:h:sonicwall:nsv400:-:::::::*
	cpe:2.3:h:sonicwall:nsv470:-:::::::*
	cpe:2.3:h:sonicwall:nsv50:-:::::::*
	cpe:2.3:h:sonicwall:nsv800:-:::::::*
	cpe:2.3:h:sonicwall:nsv870:-:::::::*

Configuration 3 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsa_2600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_2650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6650:-:::::::*
	cpe:2.3:h:sonicwall:sm_9200:-:::::::*
	cpe:2.3:h:sonicwall:sm_9250:-:::::::*
	cpe:2.3:h:sonicwall:sm_9400:-:::::::*
	cpe:2.3:h:sonicwall:sm_9450:-:::::::*
	cpe:2.3:h:sonicwall:sm_9600:-:::::::*
	cpe:2.3:h:sonicwall:sm_9650:-:::::::*
	cpe:2.3:h:sonicwall:soho_250:-:::::::*
	cpe:2.3:h:sonicwall:soho_250w:-:::::::*
	cpe:2.3:h:sonicwall:sohow:-:::::::*
	cpe:2.3:h:sonicwall:tz_300:-:::::::*
	cpe:2.3:h:sonicwall:tz_300p:-:::::::*
	cpe:2.3:h:sonicwall:tz_300w:-:::::::*
	cpe:2.3:h:sonicwall:tz_350:-:::::::*
	cpe:2.3:h:sonicwall:tz_400:-:::::::*
	cpe:2.3:h:sonicwall:tz_400w:-:::::::*
	cpe:2.3:h:sonicwall:tz_500:-:::::::*
	cpe:2.3:h:sonicwall:tz_500w:-:::::::*
	cpe:2.3:h:sonicwall:tz_600:-:::::::*
	cpe:2.3:h:sonicwall:tz_600p:-:::::::*

References

Link	Resource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: sonicwall

Published: 2023-10-17T22:17:36.308Z

Updated: 2023-10-17T22:17:36.308Z

Reserved: 2023-07-27T00:07:04.125Z

Link: CVE-2023-39280

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-10-17T23:15:11.853

Modified: 2023-10-19T16:44:36.887

Link: CVE-2023-39280

JSON object: View

Redhat Information

No data.

CWE

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C7049FD-8088-4FCE-886A-F4CF5E287D1C", "versionEndExcluding": "7.0.1-5145", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AFAFCEC-A61E-40EB-87B9-7449751CCAF8", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BC4F132-D29A-4974-86DA-6E35AB05327C", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*", "matchCriteriaId": "CBE365CF-DBE9-4C84-AB0C-0CAB7C74ED40", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*", "matchCriteriaId": "016BB564-CEFC-4E0C-9D38-D9C4C8B2E492", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D95DCC6-6F48-4A79-A9F6-BDB1AEFA2180", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*", "matchCriteriaId": "15F2741F-3C32-4075-A224-BE272B50E3D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC883B32-987C-4D34-8BBF-39E2C57A62EE", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*", "matchCriteriaId": "C72EA66A-320C-4D5E-B3F6-6D5F8733E2F1", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B4A33E-8456-451E-AAF4-7F48BEDACF45", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*", "matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*", "matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*", "matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*", "matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*", "matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*", "matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*", "matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*", "matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*", "matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*", "matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*", "matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*", "matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B91638E-FB80-4C65-8A37-827488CB3E2C", "versionEndExcluding": "6.5.4.4-44v-21-2340", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F5B29EE-9D04-44CC-BB1F-C3C6130D2708", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB6153BB-7B2C-4307-ABE0-0E7E1745DEC7", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*", "matchCriteriaId": "93914C8C-69ED-480C-80F2-4334C00788D8", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE26ECE3-9E17-456F-A416-E23A758C9E4C", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*", "matchCriteriaId": "67EEA85D-8F9E-4E41-B8B3-119738375A84", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*", "matchCriteriaId": "DACDCE12-74C2-4F3C-8421-9191700514C5", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0D33997-0D65-464E-8AA5-043499C667D1", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*", "matchCriteriaId": "D13CD6CF-B048-4214-AAA8-AB58BE6C6C5E", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AF1ECB1-6257-41E3-A050-6467063F4807", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA838CC7-083A-4BF1-9C95-BED6F5A2992C", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0171D69-14A6-4AB0-8377-C233F5E192D8", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*", "matchCriteriaId": "0883D805-1BA9-49CE-AEC7-51C9D9A69C5C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D74A465-1A72-4A02-8A54-FD502BD28119", "versionEndExcluding": "6.5.4.13-105n", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*", "matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*", "matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*", "matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*", "matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*", "matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*", "matchCriteriaId": "FEF2B435-957C-4BBE-937D-23E4F33189EF", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CE4FE75-10AD-47D4-AF87-E4C294F89EA8", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*", "matchCriteriaId": "B485C543-DFCF-4481-92B4-F7198EE4FBD1", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*", "matchCriteriaId": "928C1C0D-7AF7-4076-B5B2-207DFF3AD6A4", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*", "matchCriteriaId": "F030C5AB-36CA-445E-AC87-8DEE18DBB40E", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1F9D940-8AE2-4B92-B69D-9FF6F48DF16C", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*", "matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*", "matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*", "matchCriteriaId": "0804FADE-57F7-452F-86B3-079701059D37", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*", "matchCriteriaId": "9956F726-6D62-4616-B60A-4D3DD6F32105", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*", "matchCriteriaId": "29F4D403-F20A-4802-AAE9-9582486EB436", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*", "matchCriteriaId": "675F28A7-0BB3-4CDA-855E-7EFC650B512E", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*", "matchCriteriaId": "5983C650-84F6-4B2E-A27E-9E83EA1DDC02", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDD4B412-7967-477F-929E-8F12A39186FF", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1D996FA-52D1-47C2-87E6-682EEC9CA532", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9DEF6EE-000D-407D-AA2B-E039BA306A2A", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*", "matchCriteriaId": "C0B8BFA4-2E15-4318-B7A9-DBDE801D0CF0", "vulnerable": false}, {"criteria": "cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*", "matchCriteriaId": "DCB8CDE6-8052-40F7-950F-05329499A58A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "SonicOS p\n\nost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash.\n\n"}, {"lang": "es", "value": "La vulnerabilidad de desbordamiento del b\u00fafer posterior a la autenticaci\u00f3n de SonicOS en los endpoints de URL ssoStats-s.xml y ssoStats-s.wri provoca una falla del firewall."}], "id": "CVE-2023-39280", "lastModified": "2023-10-19T16:44:36.887", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-17T23:15:11.853", "references": [{"source": "PSIRT@sonicwall.com", "tags": ["Vendor Advisory"], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012"}], "sourceIdentifier": "PSIRT@sonicwall.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-121"}], "source": "PSIRT@sonicwall.com", "type": "Secondary"}]}