案件登録、MDF、セールスおよびマーケティングツール、トレーニングなどがご利用いただけます。
ナレッジベース、コミュニティ、技術文書、ビデオチュートリアルを検索することにより、質問への回答を検索する
Vulnerabilities in the SonicWALL GMS and Analyzer have been resolved.
Affected Products
SonicWALL GMS and Analyzer
Affected Software Versions
Versions 8.0 and 8.1
Issue Summary
Vulnerabilities were found pertaining to input validation/filter bypass, SQL Injection, XSS, and Adobe Flex bypass.
To fix these vulnerabilities, SonicWall recommends that existing users of SonicWALL GMS and Analyzer upgrade to GMS/Analyzer 8.2.
GMS/Analyzer 8.2 is available for download from https://www.mysonicwall.com. Users should log into MySonicWALL and click on Downloads > Download Center in the navigation panel on the left, then select GMS/Analyzer – Virtual Appliance or GMS/Analyzer – Windows in the Software Type drop down menu. Please see the Release Note for this release for detailed installation procedures.
Reported by
Vulnerability Labs (VL-ID-1819, input validation/filter bypass)
Zero Day Initiative (ZDI-CAN-3748, SQL Injection)
Zero Science Lab (VR-2016-01-C0V, SQL Injection; VR-2016-01-C1D, XSS; VR-2016-01-C1F, Adobe Flex Bypass)
Tenable Network Security (Remote Privilege Escalation)
Additional Information
Please contact SonicWALL Support https://support.sonicwall.com/sonicwall-gms/software