CVE-2019-7479
First published: Tue Dec 31 2019(Updated: )
A vulnerability in SonicOS allow authenticated read-only admin can elevate permissions to configuration mode. This vulnerability affected SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.3.3-3n, 6.5.1.9-4n and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).
Credit: PSIRT@sonicwall.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWall SonicOS | <=5.9.1.12-4o | |
| SonicWall SonicOS | =6.2.7.4-32n | |
| SonicWall SonicOS | =6.2.7.10-3n | |
| SonicWall SonicOS | =6.4.1.0-3n | |
| SonicWall SonicOS | =6.5.1.4-4n | |
| SonicWall SonicOS | =6.5.1.9-4n | |
| SonicWall SonicOS | =6.5.2.3-4n | |
| SonicWall SonicOS | =6.5.3.3-3n | |
| Sonicwall Sonicosv | =6.5.0.2.8v | |
| Sonicwall Sonicosv | =6.5.0.2.8v-rc363 | |
| Sonicwall Sonicosv | =6.5.0.2.8v-rc366 | |
| Sonicwall Sonicosv | =6.5.0.2.8v-rc367 | |
| Sonicwall Sonicosv | =6.5.0.2.8v-rc368 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-7479?
The severity of CVE-2019-7479 is high with a CVSS score of 7.2.
Which versions of SonicOS are affected by CVE-2019-7479?
CVE-2019-7479 affects SonicOS Gen 5 version 5.9.1.12-4o and earlier, Gen 6 version 6.2.7.4-32n, 6.5.1.4-4n, 6.5.2.3-4n, 6.5.3.3-3n, 6.2.7.10-3n, 6.4.1.0-3n, 6.5.1.9-4n, and 6.5.3.3-3n.
What is the vulnerability ID of the SonicOS vulnerability?
The vulnerability ID of the SonicOS vulnerability is CVE-2019-7479.
How can an authenticated read-only admin elevate permissions in SonicOS?
An authenticated read-only admin can elevate permissions to configuration mode in SonicOS through the vulnerability.
Where can I find more information about CVE-2019-7479?
You can find more information about CVE-2019-7479 at https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0012.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/tags
- agent/event
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/sonicwall
- canonical/sonicwall sonicos
- version/sonicwall sonicos/5.9.1.12-4o
- version/sonicwall sonicos/6.2.7.4-32n
- version/sonicwall sonicos/6.2.7.10-3n
- version/sonicwall sonicos/6.4.1.0-3n
- version/sonicwall sonicos/6.5.1.4-4n
- version/sonicwall sonicos/6.5.1.9-4n
- version/sonicwall sonicos/6.5.2.3-4n
- version/sonicwall sonicos/6.5.3.3-3n
- canonical/sonicwall sonicosv
- version/sonicwall sonicosv/6.5.0.2.8v
- version/sonicwall sonicosv/6.5.0.2.8v-rc363
- version/sonicwall sonicosv/6.5.0.2.8v-rc366
- version/sonicwall sonicosv/6.5.0.2.8v-rc367
- version/sonicwall sonicosv/6.5.0.2.8v-rc368