SonicWall Critical Product Notification - GMS and Analyzer mandatory hotfix

First Published:07/21/2016 Last Updated:12/20/2019

GMS and Analyzer Systems

Critical Product Notification

Dear Customer,

An urgent, mandatory hotfix is required to be applied immediately to GMS and Analyzer systems to resolve a high-severity vulnerability. 

A set of login authentication vulnerabilities has been discovered in SonicWALL GMS and Analyzer systems. These vulnerabilities are design flaws and none of them are a “backdoor” as erroneously reported in the press.

Please immediately install a mandatory Hotfix for the products listed below.  This Hotfix will remove the vulnerability and prevent an attacker from exploiting the application. 

See the Support Bulletin and Knowledge Base article for more information.  The Hotfix can be downloaded from www.mysonicwall.com.  The Release Note found on MySonicWALL.com contains instructions on how to apply the hotfix.

Affected Products

  • Dell SonicWALL Appliances
    • GMS
    • Analyzer

Affected Software Versions

  • GMS/Analyzer 8.x
  • GMS/Analyzer/UMA 7.x

Issue Summary

GMS/Analyzer contains vulnerabilities that could allow an unauthenticated, remote attacker to and gain administrative access to the GMS.

Resolution

Dell SonicWALL requires that all affected customers immediately install mandatory Hotfix #174525 to remove the vulnerability. This Hotfix can be downloaded from www.mysonicwall.com.

Sincerely,

The SonicWALL Customer Support Team