Search
Find a vulnerability
Search criteria
6 vulnerabilities found for uma_em5000_firmware by sonicwall
CVE-2016-2397 (GCVE-0-2016-2397)
Vulnerability from nvd – Published: 2016-02-17 15:00 – Updated: 2024-08-05 23:24
VLAI
Summary
The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-16-163 | x_refsource_MISC |
| http://www.securitytracker.com/id/1035015 | vdb-entryx_refsource_SECTRACK |
| https://support.software.dell.com/product-notific… | x_refsource_CONFIRM |
Date Public
2016-01-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-04-19T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-163",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"name": "1035015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035015"
},
{
"name": "https://support.software.dell.com/product-notification/185943",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/185943"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2397",
"datePublished": "2016-02-17T15:00:00.000Z",
"dateReserved": "2016-02-17T00:00:00.000Z",
"dateUpdated": "2024-08-05T23:24:49.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2396 (GCVE-0-2016-2396)
Vulnerability from nvd – Published: 2016-02-17 15:00 – Updated: 2024-08-05 23:24
VLAI
Summary
The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1035015 | vdb-entryx_refsource_SECTRACK |
| http://www.zerodayinitiative.com/advisories/ZDI-16-164 | x_refsource_MISC |
| https://support.software.dell.com/product-notific… | x_refsource_CONFIRM |
Date Public
2016-01-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-20T20:52:16.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2016-2396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035015"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-164",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"name": "https://support.software.dell.com/product-notification/185943",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/185943"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2016-2396",
"datePublished": "2016-02-17T15:00:00.000Z",
"dateReserved": "2016-02-17T00:00:00.000Z",
"dateUpdated": "2024-08-05T23:24:49.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3990 (GCVE-0-2015-3990)
Vulnerability from nvd – Published: 2015-05-20 18:00 – Updated: 2024-08-06 06:04
VLAI
Summary
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1032373 | vdb-entryx_refsource_SECTRACK |
| https://support.software.dell.com/product-notific… | x_refsource_CONFIRM |
| http://www.zerodayinitiative.com/advisories/ZDI-15-231/ | x_refsource_MISC |
| http://www.securityfocus.com/bid/74756 | vdb-entryx_refsource_BID |
Date Public
2015-05-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/152178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"name": "74756",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74756"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-20T20:52:17.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "1032373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/152178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"name": "74756",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74756"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2015-3990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032373"
},
{
"name": "https://support.software.dell.com/product-notification/152178",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/152178"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"name": "74756",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74756"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2015-3990",
"datePublished": "2015-05-20T18:00:00.000Z",
"dateReserved": "2015-05-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T06:04:02.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2397 (GCVE-0-2016-2397)
Vulnerability from cvelistv5 – Published: 2016-02-17 15:00 – Updated: 2024-08-05 23:24
VLAI
Summary
The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-16-163 | x_refsource_MISC |
| http://www.securitytracker.com/id/1035015 | vdb-entryx_refsource_SECTRACK |
| https://support.software.dell.com/product-notific… | x_refsource_CONFIRM |
Date Public
2016-01-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-04-19T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-163",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-163"
},
{
"name": "1035015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035015"
},
{
"name": "https://support.software.dell.com/product-notification/185943",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/185943"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2397",
"datePublished": "2016-02-17T15:00:00.000Z",
"dateReserved": "2016-02-17T00:00:00.000Z",
"dateUpdated": "2024-08-05T23:24:49.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2396 (GCVE-0-2016-2396)
Vulnerability from cvelistv5 – Published: 2016-02-17 15:00 – Updated: 2024-08-05 23:24
VLAI
Summary
The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1035015 | vdb-entryx_refsource_SECTRACK |
| http://www.zerodayinitiative.com/advisories/ZDI-16-164 | x_refsource_MISC |
| https://support.software.dell.com/product-notific… | x_refsource_CONFIRM |
Date Public
2016-01-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-20T20:52:16.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "1035015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035015"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/185943"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2016-2396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035015"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-164",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-164"
},
{
"name": "https://support.software.dell.com/product-notification/185943",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/185943"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2016-2396",
"datePublished": "2016-02-17T15:00:00.000Z",
"dateReserved": "2016-02-17T00:00:00.000Z",
"dateUpdated": "2024-08-05T23:24:49.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3990 (GCVE-0-2015-3990)
Vulnerability from cvelistv5 – Published: 2015-05-20 18:00 – Updated: 2024-08-06 06:04
VLAI
Summary
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1032373 | vdb-entryx_refsource_SECTRACK |
| https://support.software.dell.com/product-notific… | x_refsource_CONFIRM |
| http://www.zerodayinitiative.com/advisories/ZDI-15-231/ | x_refsource_MISC |
| http://www.securityfocus.com/bid/74756 | vdb-entryx_refsource_BID |
Date Public
2015-05-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.software.dell.com/product-notification/152178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"name": "74756",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74756"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-20T20:52:17.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "1032373",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.software.dell.com/product-notification/152178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"name": "74756",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74756"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2015-3990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032373",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032373"
},
{
"name": "https://support.software.dell.com/product-notification/152178",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/152178"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-231/"
},
{
"name": "74756",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74756"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2015-3990",
"datePublished": "2015-05-20T18:00:00.000Z",
"dateReserved": "2015-05-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T06:04:02.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}