CVE-2023-41715

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-41715
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 Vendor Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*
History

21 Nov 2024, 08:21

Type Values Removed Values Added
References () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 - Vendor Advisory () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 - Vendor Advisory

19 Oct 2023, 16:43

Type Values Removed Values Added
CWE CWE-269
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.8
First Time Sonicwall nsa 3600
Sonicwall tz 600
Sonicwall nsv25
Sonicwall tz 400w
Sonicwall soho 250w
Sonicwall nsa 4650
Sonicwall tz570w
Sonicwall nsv470
Sonicwall nsv800
Sonicwall tz570p
Sonicwall tz 300
Sonicwall nsa 6650
Sonicwall sonicos
Sonicwall nsa3700
Sonicwall sm 9200
Sonicwall nsv10
Sonicwall sm 9450
Sonicwall tz 600p
Sonicwall nssp10700
Sonicwall tz270w
Sonicwall nsa 6600
Sonicwall tz 350
Sonicwall tz370
Sonicwall nsa 5650
Sonicwall soho 250
Sonicwall nsa 5600
Sonicwall tz 500w
Sonicwall sm 9600
Sonicwall tz370w
Sonicwall nsa 4600
Sonicwall nsv100
Sonicwall nsa6700
Sonicwall tz670
Sonicwall nsa 3650
Sonicwall sm 9250
Sonicwall nssp13700
Sonicwall nssp15700
Sonicwall nssp11700
Sonicwall
Sonicwall tz 500
Sonicwall tz470w
Sonicwall tz 300w
Sonicwall nsa4700
Sonicwall tz 300p
Sonicwall nsv270
Sonicwall tz570
Sonicwall tz470
Sonicwall nsv300
Sonicwall nsv200
Sonicwall sm 9400
Sonicwall nsa 2650
Sonicwall sohow
Sonicwall tz 400
Sonicwall sm 9650
Sonicwall nsa 2600
Sonicwall nsa2700
Sonicwall tz270
Sonicwall nsv1600
Sonicwall nsv870
Sonicwall nsv50
Sonicwall nsv400
Sonicwall nsa5700
References (MISC) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 - (MISC) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012 - Vendor Advisory
CPE cpe:2.3:h:sonicwall:tz_400w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_500w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_500:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_300:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9450:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_600p:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_350:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sm_9250:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz_400:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*

17 Oct 2023, 23:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-10-17 23:15

Updated : 2024-11-21 08:21

NVD link : CVE-2023-41715

Mitre link : CVE-2023-41715

CVE.ORG link : CVE-2023-41715

JSON object : View

Products Affected

sonicwall

  • nsv300
  • tz370w
  • nsa_6650
  • tz_350
  • nsv800
  • sm_9600
  • tz470
  • sm_9200
  • tz270
  • nsa2700
  • nsv1600
  • nsa_3650
  • tz_300p
  • sm_9450
  • tz670
  • tz370
  • sm_9650
  • sm_9250
  • tz_500
  • nsv10
  • nsv200
  • nssp10700
  • nsv25
  • nsv100
  • tz570p
  • nsa_2600
  • nsv50
  • tz270w
  • nsa5700
  • tz_500w
  • sonicos
  • nsv400
  • tz570
  • tz_600
  • tz570w
  • nsa4700
  • sm_9400
  • nsa_3600
  • nsv870
  • tz_600p
  • nsa_5600
  • tz_400
  • nsv270
  • nssp11700
  • nsa_4600
  • tz_300w
  • tz470w
  • nsa_5650
  • sohow
  • nssp13700
  • nsa_2650
  • nssp15700
  • nsa3700
  • tz_400w
  • tz_300
  • nsa_6600
  • nsv470
  • soho_250
  • soho_250w
  • nsa_4650
  • nsa6700
CWE
CWE-269

Improper Privilege Management


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024