CVE-2013-7025
Published Dec 9, 2013
Last updated 7 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to inject arbitrary web script or HTML via the (1) valfield_1 or (2) value_1 parameter to createNewThreshold.jsp.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Evaluator
- Comment
- Per: http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_Hotfix_134235.pdf "Affected Products Dell SonicWALL GMS Dell SonicWALL Analyzer Dell SonicWALL UMA E5000 Affected Software Versions Version 7.x"
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A9ABA5C-59AF-496A-B22E-0C88892EC8FD"
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8078DCDB-FC88-41C8-BE14-688B5F4911E1"
},
{
"criteria": "cpe:2.3:a:sonicwall:analyzer:7.1:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19E54EA9-F9F8-47FA-9F31-C05C2AE59539"
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CEF95BB8-DF0B-4131-8A89-82DE559CC09B"
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF555F86-D3E0-4763-9E9A-C26D5C986FC4"
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:7.1:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "418595FE-EBFA-4B1D-A479-171BBD56279A"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sonicwall:uma_e5000_firmware:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "907AFD7C-F904-47AC-937E-4CCDB5E4CEFF"
},
{
"criteria": "cpe:2.3:o:sonicwall:uma_e5000_firmware:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93D89B14-232D-4112-94B7-7757A3BBDD42"
},
{
"criteria": "cpe:2.3:o:sonicwall:uma_e5000_firmware:7.1:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66B20FAD-1131-4C68-BA4D-8B1A20C1DF91"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:uma_e5000:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D8F6C2F1-8C1A-4BAD-8F49-464258B09354"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]