SonicWall SonicOS 7.0.1.0

CPE Details

SonicWall SonicOS 7.0.1.0
sonicwall
sonicos
7.0.1.0
2021-09-03
10h04 +00:00
2021-09-03
18h17 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:sonicwall:sonicos:7.0.1.0:*:*:*:*:*:*:*

Informations

Vendor

sonicwall

Product

sonicos

Version

7.0.1.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-22275 2022-04-27 14h25 +00:00 Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
7.5
High
CVE-2021-20027 2021-06-14 20h30 +00:00 A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
7.5
High
CVE-2021-3449 2021-03-25 14h25 +00:00 An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
5.9
Medium
CVE-2018-5281 2018-01-08 08h00 +00:00 SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens.
5.4
Medium