Description
A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).
Affected products
- SonicWall / SonicOS5.9.1.12-4o – 5.9.1.12-4o
- SonicWall / SonicOS6.2.7.4-32n – 6.2.7.4-32n
- SonicWall / SonicOS6.5.1.4-4n – 6.5.1.4-4n
- SonicWall / SonicOS6.5.2.3-4n – 6.5.2.3-4n
- SonicWall / SonicOS6.5.3.3-3n – 6.5.3.3-3n
- SonicWall / SonicOS6.2.7.10-3n – 6.2.7.10-3n
- SonicWall / SonicOS6.4.1.0-3n – 6.4.1.0-3n
- SonicWall / SonicOS6.5.1.9-4n – 6.5.1.9-4n
- SonicWall / SonicOSv6.5.0.2-8v_RC363 (VMWARE) – 6.5.0.2-8v_RC363 (VMWARE)
- SonicWall / SonicOSv6.5.0.2.8v_RC367 (AZURE) – 6.5.0.2.8v_RC367 (AZURE)
- SonicWall / SonicOSv6.5.0.2.8v_RC368 (AWS) – 6.5.0.2.8v_RC368 (AWS)
- SonicWall / SonicOSv6.5.0.2.8v_RC366 (HYPER_V) – 6.5.0.2.8v_RC366 (HYPER_V)