CVE-2013-1360
Summary
| CVE | CVE-2013-1360 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-02-11 16:15:00 UTC |
| Updated | 2020-02-13 14:12:00 UTC |
| Description | An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sonicwall | Analyzer | 7.0 | All | All | All |
| Application | Sonicwall | Analyzer | 7.0 | All | All | All |
| Application | Sonicwall | Global Management System | 4.1 | All | All | All |
| Application | Sonicwall | Global Management System | 5.0 | All | All | All |
| Application | Sonicwall | Global Management System | 5.1 | All | All | All |
| Application | Sonicwall | Global Management System | 6.0 | All | All | All |
| Application | Sonicwall | Global Management System | 7.0 | All | All | All |
| Application | Sonicwall | Global Management System | 4.1 | All | All | All |
| Application | Sonicwall | Global Management System | 5.0 | All | All | All |
| Application | Sonicwall | Global Management System | 5.1 | All | All | All |
| Application | Sonicwall | Global Management System | 6.0 | All | All | All |
| Application | Sonicwall | Global Management System | 7.0 | All | All | All |
| Application | Sonicwall | Universal Management Appliance | 5.1 | All | All | All |
| Application | Sonicwall | Universal Management Appliance | 6.0 | All | All | All |
| Application | Sonicwall | Universal Management Appliance | 7.0 | All | All | All |
| Application | Sonicwall | Universal Management Appliance | 5.1 | All | All | All |
| Application | Sonicwall | Universal Management Appliance | 6.0 | All | All | All |
| Application | Sonicwall | Universal Management Appliance | 7.0 | All | All | All |
| Application | Sonicwall | Viewpoint | 4.1 | All | All | All |
| Application | Sonicwall | Viewpoint | 5.0 | All | All | All |
| Application | Sonicwall | Viewpoint | 6.0 | All | All | All |
| Application | Sonicwall | Viewpoint | 4.1 | All | All | All |
| Application | Sonicwall | Viewpoint | 5.0 | All | All | All |
| Application | Sonicwall | Viewpoint | 6.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | MISC | exchange.xforce.ibmcloud.com | Third Party Advisory, VDB Entry |
| Multiple SonicWALL Products CVE-2013-1360 Authentication Bypass Vulnerability | MISC | www.securityfocus.com | Third Party Advisory, VDB Entry |
| archives.neohapsis.com/archives/bugtraq/2013-01/0075.html | MISC | archives.neohapsis.com | Broken Link |
| SonicWALL Global Management System Lets Remote Users Bypass Authentication - SecurityTracker | MISC | www.securitytracker.com | Third Party Advisory, VDB Entry |
| SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass | MISC | www.exploit-db.com | Exploit, Third Party Advisory, VDB Entry |
| CVE-2013-1360 ≈ Packet Storm | MISC | packetstormsecurity.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.