CVE-2023-41715 - OpenCVE

SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Sonicwall	Tz370w Nsa 4600 Nsv800 Nsa 3650 Nsv1600 Tz 500w Nsa 4650 Nsa 5650 Tz 500 Tz 300p Nsa4700 Tz570 Nssp10700 Tz270 Nsa 6600 Tz370 Nsa6700 Tz 600 Tz 350 Nssp11700 Tz670 Sm 9650 Nsa2700 Nsa3700 Tz 400w Nsv400 Nsa 6650 Nsv300 Nsa 2600 Nssp13700 Soho 250 Tz570p Sm 9600 Nsv270 Tz470 Nsa 5600 Tz 400 Sonicos Nsv470 Nsv25 Sm 9400 Sm 9250 Sm 9450 Sm 9200 Nsv50 Soho 250w Nsv870 Nsa 2650 Nsv100 Tz270w Tz570w Sohow Tz 300 Tz 600p Nsa 3600 Nssp15700 Tz 300w Nsa5700 Nsv10 Nsv200 Tz470w

Configuration 1 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsa2700:-:::::::*
	cpe:2.3:h:sonicwall:nsa3700:-:::::::*
	cpe:2.3:h:sonicwall:nsa4700:-:::::::*
	cpe:2.3:h:sonicwall:nsa5700:-:::::::*
	cpe:2.3:h:sonicwall:nsa6700:-:::::::*
	cpe:2.3:h:sonicwall:nssp10700:-:::::::*
	cpe:2.3:h:sonicwall:nssp11700:-:::::::*
	cpe:2.3:h:sonicwall:nssp13700:-:::::::*
	cpe:2.3:h:sonicwall:nssp15700:-:::::::*
	cpe:2.3:h:sonicwall:nsv10:-:::::::*
	cpe:2.3:h:sonicwall:nsv100:-:::::::*
	cpe:2.3:h:sonicwall:nsv1600:-:::::::*
	cpe:2.3:h:sonicwall:nsv200:-:::::::*
	cpe:2.3:h:sonicwall:nsv25:-:::::::*
	cpe:2.3:h:sonicwall:nsv270:-:::::::*
	cpe:2.3:h:sonicwall:nsv300:-:::::::*
	cpe:2.3:h:sonicwall:nsv400:-:::::::*
	cpe:2.3:h:sonicwall:nsv470:-:::::::*
	cpe:2.3:h:sonicwall:nsv50:-:::::::*
	cpe:2.3:h:sonicwall:nsv800:-:::::::*
	cpe:2.3:h:sonicwall:nsv870:-:::::::*
	cpe:2.3:h:sonicwall:tz270:-:::::::*
	cpe:2.3:h:sonicwall:tz270w:-:::::::*
	cpe:2.3:h:sonicwall:tz370:-:::::::*
	cpe:2.3:h:sonicwall:tz370w:-:::::::*
	cpe:2.3:h:sonicwall:tz470:-:::::::*
	cpe:2.3:h:sonicwall:tz470w:-:::::::*
	cpe:2.3:h:sonicwall:tz570:-:::::::*
	cpe:2.3:h:sonicwall:tz570p:-:::::::*
	cpe:2.3:h:sonicwall:tz570w:-:::::::*
	cpe:2.3:h:sonicwall:tz670:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsv10:-:::::::*
	cpe:2.3:h:sonicwall:nsv100:-:::::::*
	cpe:2.3:h:sonicwall:nsv1600:-:::::::*
	cpe:2.3:h:sonicwall:nsv200:-:::::::*
	cpe:2.3:h:sonicwall:nsv25:-:::::::*
	cpe:2.3:h:sonicwall:nsv270:-:::::::*
	cpe:2.3:h:sonicwall:nsv300:-:::::::*
	cpe:2.3:h:sonicwall:nsv400:-:::::::*
	cpe:2.3:h:sonicwall:nsv470:-:::::::*
	cpe:2.3:h:sonicwall:nsv50:-:::::::*
	cpe:2.3:h:sonicwall:nsv800:-:::::::*
	cpe:2.3:h:sonicwall:nsv870:-:::::::*

Configuration 3 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsa_2600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_2650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6600:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6650:-:::::::*
	cpe:2.3:h:sonicwall:sm_9200:-:::::::*
	cpe:2.3:h:sonicwall:sm_9250:-:::::::*
	cpe:2.3:h:sonicwall:sm_9400:-:::::::*
	cpe:2.3:h:sonicwall:sm_9450:-:::::::*
	cpe:2.3:h:sonicwall:sm_9600:-:::::::*
	cpe:2.3:h:sonicwall:sm_9650:-:::::::*
	cpe:2.3:h:sonicwall:soho_250:-:::::::*
	cpe:2.3:h:sonicwall:soho_250w:-:::::::*
	cpe:2.3:h:sonicwall:sohow:-:::::::*
	cpe:2.3:h:sonicwall:tz_300:-:::::::*
	cpe:2.3:h:sonicwall:tz_300p:-:::::::*
	cpe:2.3:h:sonicwall:tz_300w:-:::::::*
	cpe:2.3:h:sonicwall:tz_350:-:::::::*
	cpe:2.3:h:sonicwall:tz_400:-:::::::*
	cpe:2.3:h:sonicwall:tz_400w:-:::::::*
	cpe:2.3:h:sonicwall:tz_500:-:::::::*
	cpe:2.3:h:sonicwall:tz_500w:-:::::::*
	cpe:2.3:h:sonicwall:tz_600:-:::::::*
	cpe:2.3:h:sonicwall:tz_600p:-:::::::*