Remote Access Vulnerability in SonicWall Global Management System
CVE-2019-7476

8.1HIGH

Key Information:

Vendor: Sonicwall
Status: Global Management System (gms)
Vendor: CVE Published:; 26 April 2019

Summary

A security vulnerability in SonicWall's Global Management System (GMS) allows an unauthorized remote user to gain access to the appliance using existing SSH keys. This issue affects multiple versions of GMS, including 9.1, 9.0, and earlier versions, potentially compromising the integrity and security of the managed network. Organizations utilizing SonicWall GMS should evaluate their exposure to this vulnerability and take necessary steps to mitigate any risks.

Affected Version(s)

Global Management System (GMS) 9.1

Global Management System (GMS) 9.0

Global Management System (GMS) 8.7

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-201...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 26, 2019
Vulnerability Reserved
Feb 6, 2019