CVE-2019-7476
Published Apr 26, 2019
Last updated 3 years ago
Overview
- Description
- A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access to the appliance using existing SSH key. This vulnerability affects GMS versions 9.1, 9.0, 8.7, 8.6, 8.4, 8.3 and earlier.
- Source
- PSIRT@sonicwall.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.1
- Impact score
- 5.9
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AFFEBF80-7249-4CA6-A6C0-6F6329152FF8",
"versionEndIncluding": "8.3"
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD7682E7-0BD5-440C-ABA4-4054D093A57E"
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "431CAC0A-9915-4D07-A22D-4D674ACC7DBA"
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:8.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBD3B183-8BA1-4021-882B-C06ED1C39D8B"
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8110BA2E-3C68-4C91-BD84-1E2E53AB31AA"
},
{
"criteria": "cpe:2.3:a:sonicwall:global_management_system:9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CCAD1F4-A32A-41FD-B3F6-418625A9179C"
}
],
"operator": "OR"
}
]
}
]