Stack-Based Buffer Overflow Vulnerability in SonicWall's SonicOS
CVE-2023-39277

6.5MEDIUM

Key Information:

Vendor: Sonicwall
Status: Sonicos
Vendor: CVE Published:; 17 October 2023

What is CVE-2023-39277?

A stack-based buffer overflow vulnerability exists in SonicWall's SonicOS, specifically in the sonicflow.csv and appflowsessions.csv URL endpoints. This flaw can be exploited post-authentication, potentially leading to a crash of the firewall, disrupting network security measures and impacting overall system stability. It is essential for users of affected SonicOS versions to apply the recommended fixes to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SonicOS 7.0.1-5119 and earlier versions

SonicOS 7.0.1-5129 and earlier versions

SonicOS 6.5.4.4-44v-21-2079 and earlier versions

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 17, 2023
Vulnerability Reserved
Jul 27, 2023

JSON

Sonicwall

What is CVE-2023-39277?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.