CVE-2014-8420: Input Validation
First published: Tue Nov 25 2014(Updated: )
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWALL Analyzer | =7.2-sp1 | |
| SonicWALL Global Management System | =7.2-sp1 | |
| Sonicwall Uma Em5000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-8420?
CVE-2014-8420 has a medium to high severity level due to the potential for remote code execution by authenticated users.
How do I fix CVE-2014-8420?
To fix CVE-2014-8420, upgrade to SonicWALL Global Management System, Analyzer, or UMA version 7.2 SP2 or later.
Who is affected by CVE-2014-8420?
CVE-2014-8420 affects users of Dell SonicWALL Global Management System, Analyzer, and UMA versions prior to 7.2 SP2.
What types of attacks can exploit CVE-2014-8420?
CVE-2014-8420 can be exploited for remote code execution through unspecified vectors by authenticated users.
What are the potential consequences of CVE-2014-8420?
The consequences of CVE-2014-8420 include unauthorized access and control over the affected systems, leading to data breaches.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/tags
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- vendor/sonicwall
- canonical/sonicwall analyzer
- version/sonicwall analyzer/7.2-sp1
- canonical/sonicwall global management system
- version/sonicwall global management system/7.2-sp1
- canonical/sonicwall uma em5000