CVE-2015-3990
First published: Wed May 20 2015(Updated: )
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sonicwall Uma Em5000 Firmware | <=7.2 | |
| Sonicwall Uma Em5000 | ||
| SonicWALL Analyzer | <=7.2 | |
| SonicWALL Global Management System | <=7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-3990?
CVE-2015-3990 is rated as high severity due to potential unauthorized command execution by remote authenticated users.
How do I fix CVE-2015-3990?
To fix CVE-2015-3990, upgrade the affected SonicWall software to version 7.2 SP4 or later.
Who is affected by CVE-2015-3990?
CVE-2015-3990 affects users of Dell SonicWall GMS, Analyzer, and UMA EM5000 running versions prior to 7.2 SP4.
What type of vulnerability is CVE-2015-3990?
CVE-2015-3990 is a command injection vulnerability that allows remote authenticated users to execute arbitrary commands.
Can CVE-2015-3990 be exploited remotely?
Yes, CVE-2015-3990 can be exploited remotely by authenticated users with access to the web application.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- agent/source
- vendor/sonicwall
- canonical/sonicwall uma em5000 firmware
- version/sonicwall uma em5000 firmware/7.2
- canonical/sonicwall uma em5000
- canonical/sonicwall analyzer
- version/sonicwall analyzer/7.2
- canonical/sonicwall global management system
- version/sonicwall global management system/7.2