ID

VAR-201602-0123


CVE

CVE-2016-2397


TITLE

Deserialization vulnerability in the cliserver implementation of multiple Dell SonicWALL products

Trust: 0.8

sources: JVNDB: JVNDB-2016-001704

DESCRIPTION

The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data. Supplementary information: the vulnerability type has been identified as CWE-77: Improper Neutralization of Special Elements used in a Command (Command Injection). An attacker can leverage this vulnerability to execute arbitrary code under the context of root.

Multiple Dell SonicWALL products are prone to a remote code-execution vulnerability. Successful exploitation can completely compromise the vulnerable device. The following products are vulnerable: Dell SonicWALL Global Management System, Dell SonicWALL Analyzer, and Dell SonicWALL Universal Management Appliance. NOTE: This BID is being retired as it is a duplicate of BID 83200 (Multiple Dell SonicWALL Products Multiple Remote Code Execution Vulnerabilities).

GMS is a global management system for rapid deployment and centralized management of SonicWALL infrastructure. Analyzer is a set of network analyzer software for SonicWALL infrastructure. UMA EM5000 is a set of general management equipment software.

Trust: 2.7

sources: NVD: CVE-2016-2397 // JVNDB: JVNDB-2016-001704 // ZDI: ZDI-16-163 // BID: 84882 // VULHUB: VHN-91216 // VULMON: CVE-2016-2397

AFFECTED PRODUCTS

vendor: sonicwall // model: uma em5000 // scope: eq // version: 8.1

Trust: 1.6

vendor: sonicwall // model: uma em5000 // scope: eq // version: 8.0

Trust: 1.6

vendor: sonicwall // model: global management system // scope: eq // version: 8.1

Trust: 1.6

vendor: sonicwall // model: analyzer // scope: eq // version: 8.1

Trust: 1.6

vendor: sonicwall // model: global management system // scope: eq // version: 8.0

Trust: 1.6

vendor: sonicwall // model: uma em5000 // scope: eq // version: 7.2

Trust: 1.6

vendor: sonicwall // model: global management system // scope: eq // version: 7.2

Trust: 1.6

vendor: sonicwall // model: analyzer // scope: eq // version: 8.0

Trust: 1.6

vendor: sonicwall // model: analyzer // scope: eq // version: 7.2

Trust: 1.6

vendor: dell // model: sonicwall global management system // scope: eq // version: 8.0

Trust: 1.1

vendor: dell // model: sonicwall global management system // scope: eq // version: 7.2

Trust: 1.1

vendor: dell // model: sonicwall analyzer // scope: eq // version: 8.0

Trust: 1.1

vendor: dell // model: sonicwall analyzer // scope: eq // version: 7.2

Trust: 1.1

vendor: dell // model: sonicwall global management system // scope: eq // version: 8.1 hotfix 168056

Trust: 0.8

vendor: dell // model: sonicwall analyzer // scope: eq // version: 8.1 hotfix 168056

Trust: 0.8

vendor: dell // model: sonicwall global management system // scope: lt // version: 8.1

Trust: 0.8

vendor: dell // model: sonicwall e-class universal management appliance em5000 // scope: - // version: -

Trust: 0.8

vendor: dell // model: sonicwall analyzer // scope: lt // version: 8.1

Trust: 0.8

vendor: dell // model: sonicwall e-class universal management appliance em5000 // scope: eq // version: 7.2

Trust: 0.8

vendor: dell // model: sonicwall e-class universal management appliance em5000 // scope: eq // version: 8.1 hotfix 168056

Trust: 0.8

vendor: dell // model: sonicwall e-class universal management appliance em5000 // scope: lt // version: 8.1

Trust: 0.8

vendor: dell // model: sonicwall e-class universal management appliance em5000 // scope: eq // version: 8.0

Trust: 0.8

vendor: sonicwall // model: gms virtual appliance // scope: - // version: -

Trust: 0.7

vendor: dell // model: sonicwall universal management appliance em5000 // scope: eq // version: 8.1

Trust: 0.3

vendor: dell // model: sonicwall universal management appliance em5000 // scope: eq // version: 8.0

Trust: 0.3

vendor: dell // model: sonicwall universal management appliance // scope: eq // version: 7.2

Trust: 0.3

vendor: dell // model: sonicwall global management system // scope: eq // version: 8.1

Trust: 0.3

vendor: dell // model: sonicwall analyzer // scope: eq // version: 8.1

Trust: 0.3

sources: ZDI: ZDI-16-163 // BID: 84882 // JVNDB: JVNDB-2016-001704 // CNNVD: CNNVD-201602-323 // NVD: CVE-2016-2397

CVSS

SEVERITY

nvd@nist.gov: CVE-2016-2397
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-2397
value: HIGH

Trust: 0.8

ZDI: CVE-2016-2397
value: HIGH

Trust: 0.7

CNNVD: CNNVD-201602-323
value: CRITICAL

Trust: 0.6

VULHUB: VHN-91216
value: HIGH

Trust: 0.1

VULMON: CVE-2016-2397
value: HIGH

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2016-2397
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.6

VULHUB: VHN-91216
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2016-2397
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: ZDI: ZDI-16-163 // VULHUB: VHN-91216 // VULMON: CVE-2016-2397 // JVNDB: JVNDB-2016-001704 // CNNVD: CNNVD-201602-323 // NVD: CVE-2016-2397

PROBLEMTYPE DATA

problemtype:CWE-77

Trust: 1.1

problemtype:CWE-Other

Trust: 0.8

sources: VULHUB: VHN-91216 // JVNDB: JVNDB-2016-001704 // NVD: CVE-2016-2397

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201602-323

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201602-323

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-001704

PATCH

title: SonicWALL Analyzer Product Notification // url: https://support.software.dell.com/ja-jp/product-notification/185943

Trust: 0.8

title: SonicWALL has issued an update to correct this vulnerability. Hotfix 168056 // url: https://www.mysonicwall.com/firmware/downloadcenter.aspx

Trust: 0.7

title: Multiple Dell Product security vulnerabilities // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60259

Trust: 0.6

title: Java-Deserialization-CVEs // url: https://github.com/PalindromeLabs/Java-Deserialization-CVEs

Trust: 0.1

sources: ZDI: ZDI-16-163 // VULMON: CVE-2016-2397 // JVNDB: JVNDB-2016-001704 // CNNVD: CNNVD-201602-323

EXTERNAL IDS

db: ZDI // id: ZDI-16-163

Trust: 3.6

db: NVD // id: CVE-2016-2397

Trust: 3.3

db: SECTRACK // id: 1035015

Trust: 1.2

db: JVNDB // id: JVNDB-2016-001704

Trust: 0.8

db: ZDI_CAN // id: ZDI-CAN-3137

Trust: 0.7

db: CNNVD // id: CNNVD-201602-323

Trust: 0.7

db: BID // id: 84882

Trust: 0.3

db: VULHUB // id: VHN-91216

Trust: 0.1

db: BID // id: 83200

Trust: 0.1

db: VULMON // id: CVE-2016-2397

Trust: 0.1

sources: ZDI: ZDI-16-163 // VULHUB: VHN-91216 // VULMON: CVE-2016-2397 // BID: 84882 // JVNDB: JVNDB-2016-001704 // CNNVD: CNNVD-201602-323 // NVD: CVE-2016-2397

REFERENCES

url:https://support.software.dell.com/product-notification/185943

Trust: 2.1

url:http://www.zerodayinitiative.com/advisories/zdi-16-163

Trust: 1.8

url:http://www.securitytracker.com/id/1035015

Trust: 1.2

url:http://www.zerodayinitiative.com/advisories/zdi-16-163/

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2397

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2397

Trust: 0.8

url:https://www.mysonicwall.com/firmware/downloadcenter.aspx

Trust: 0.7

url:http://www.sonicwall.com/us/en/products/gms-series.html

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/77.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.securityfocus.com/bid/83200

Trust: 0.1

url:https://github.com/palindromelabs/java-deserialization-cves

Trust: 0.1

sources: ZDI: ZDI-16-163 // VULHUB: VHN-91216 // VULMON: CVE-2016-2397 // BID: 84882 // JVNDB: JVNDB-2016-001704 // CNNVD: CNNVD-201602-323 // NVD: CVE-2016-2397

CREDITS

cpnrodzc7

Trust: 0.7

sources: ZDI: ZDI-16-163

SOURCES

db: ZDI // id: ZDI-16-163
db: VULHUB // id: VHN-91216
db: VULMON // id: CVE-2016-2397
db: BID // id: 84882
db: JVNDB // id: JVNDB-2016-001704
db: CNNVD // id: CNNVD-201602-323
db: NVD // id: CVE-2016-2397

LAST UPDATE DATE

2024-11-23T22:31:00.741000+00:00


SOURCES UPDATE DATE

db: ZDI // id: ZDI-16-163 // date: 2016-02-10T00:00:00
db: VULHUB // id: VHN-91216 // date: 2018-03-12T00:00:00
db: VULMON // id: CVE-2016-2397 // date: 2018-03-12T00:00:00
db: BID // id: 84882 // date: 2016-09-01T17:00:00
db: JVNDB // id: JVNDB-2016-001704 // date: 2016-03-15T00:00:00
db: CNNVD // id: CNNVD-201602-323 // date: 2016-02-18T00:00:00
db: NVD // id: CVE-2016-2397 // date: 2024-11-21T02:48:23.100

SOURCES RELEASE DATE

db: ZDI // id: ZDI-16-163 // date: 2016-02-10T00:00:00
db: VULHUB // id: VHN-91216 // date: 2016-02-17T00:00:00
db: VULMON // id: CVE-2016-2397 // date: 2016-02-17T00:00:00
db: BID // id: 84882 // date: 2016-02-17T00:00:00
db: JVNDB // id: JVNDB-2016-001704 // date: 2016-03-15T00:00:00
db: CNNVD // id: CNNVD-201602-323 // date: 2016-02-18T00:00:00
db: NVD // id: CVE-2016-2397 // date: 2016-02-17T15:59:07.690