VYPR
Unrated severityNVD Advisory· Published Feb 19, 2019· Updated Aug 5, 2024

CVE-2018-9867

CVE-2018-9867

Description

In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • SonicWall/Sonicosllm-fuzzy3 versions
    Gen 5 <= 5.9.1.10, Gen 6 <= 6.2.7.3 / 6.5.1.3 / 6.5.2.2 / 6.5.3.1 / 6.2.7.8 / 6.4.0.0 / 6.5.1.8 / 6.0.5.3-86o, SonicOSv <= 6.5.0.2-8v_RC363 / 6.5.0.2.8v_RC367 / 6.5.0.2.8v_RC368 / 6.5.0.2.8v_RC366+ 2 more
    • (no CPE)range: Gen 5 <= 5.9.1.10, Gen 6 <= 6.2.7.3 / 6.5.1.3 / 6.5.2.2 / 6.5.3.1 / 6.2.7.8 / 6.4.0.0 / 6.5.1.8 / 6.0.5.3-86o, SonicOSv <= 6.5.0.2-8v_RC363 / 6.5.0.2.8v_RC367 / 6.5.0.2.8v_RC368 / 6.5.0.2.8v_RC366
    • (no CPE)range: 5.9.1.10 and earlier
    • (no CPE)range: 6.5.0.2-8v_RC363 (VMWARE)

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.