CVE-2014-0332: XSS
First published: Fri Feb 14 2014(Updated: )
Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWALL Global Management System | =7.0 | |
| SonicWALL Global Management System | =7.1 | |
| SonicWALL Global Management System | =7.1-sp1 | |
| SonicWALL UMA E5000 | ||
| SonicWALL Analyzer | =7.0 | |
| SonicWALL Analyzer | =7.1 | |
| SonicWALL Analyzer | =7.1-sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/description
- agent/type
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/sonicwall
- canonical/sonicwall global management system
- version/sonicwall global management system/7.0
- version/sonicwall global management system/7.1
- version/sonicwall global management system/7.1-sp1
- canonical/sonicwall uma e5000
- canonical/sonicwall analyzer
- version/sonicwall analyzer/7.0
- version/sonicwall analyzer/7.1
- version/sonicwall analyzer/7.1-sp1