2019-02-06 09:03:50 -05:00
{
2019-04-01 19:17:30 -07:00
"CVE_data_meta" : {
"ASSIGNER" : "psirt@sonicwall.com" ,
"ID" : "CVE-2019-7475" ,
"STATE" : "PUBLIC"
2019-03-18 01:56:14 +00:00
} ,
2019-04-01 19:17:30 -07:00
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SonicOS" ,
"version" : {
"version_data" : [
{
"version_value" : "5.9.1.10 and earlier"
} ,
{
"version_value" : "6.2.7.3"
} ,
{
"version_value" : "6.5.1.3"
} ,
{
"version_value" : "6.5.2.2"
} ,
{
"version_value" : "6.5.3.1"
} ,
{
"version_value" : "6.2.7.8"
} ,
{
"version_value" : "6.4.0.0"
} ,
{
"version_value" : "6.5.1.8"
} ,
{
"version_value" : "6.0.5.3-86o"
}
]
}
} ,
{
"product_name" : "SonicOSv" ,
"version" : {
"version_data" : [
{
"version_value" : "6.5.0.2-8v_RC363 (VMWARE)"
} ,
{
"version_value" : "6.5.0.2.8v_RC367 (AZURE)"
} ,
{
"version_value" : "6.5.0.2.8v_RC368 (AWS)"
} ,
{
"version_value" : "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
} ,
"vendor_name" : "SonicWall"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "CWE-284: Improper Access Control"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002" ,
"refsource" : "CONFIRM" ,
"url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002"
}
]
2019-03-18 01:56:14 +00:00
}
2019-04-01 19:17:30 -07:00
}
