Vulnerability Name: CVE-2018-9867 (CCN-157474) Assigned: 2018-04-09 Published: 2019-02-19 Updated: 2022-06-16 Summary: In SonicWall SonicOS, administrators without full permissions can download imported certificates. Occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V). CVSS v3 Severity: 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): NoneAvailibility (A): None
6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): HighAvailibility (A): None
CVSS v2 Severity: 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): NoneAvailibility (A): None
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:C/A:N Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): NoneIntegrity (I): CompleteAvailibility (A): None
Vulnerability Type: CWE-732 Vulnerability Consequences: Gain Access References: Source: MITRECVE-2018-9867 sonicwall-cve20189867-unauthorized-access(157474) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0017 MAKE YOUR MOVE TO THE CLOUD FASTER. AND SAFER. SonicOS Improper Certificate Access https://www.tenable.com/security/research/tra-2019-08 Vulnerable Configuration: Configuration 1 :cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 5.0.0.0 and <= 5.9.1.10)OR cpe:/o:sonicwall:sonicos:6.2.7.3:*:*:*:*:*:*:* OR cpe:/o:sonicwall:sonicos:6.5.1.3:*:*:*:*:*:*:* OR cpe:/o:sonicwall:sonicos:6.5.2.2:*:*:*:*:*:*:* OR cpe:/o:sonicwall:sonicos:6.5.3.1:*:*:*:*:*:*:* OR cpe:/o:sonicwall:sonicos:6.2.7.8:*:*:*:*:*:*:* OR cpe:/o:sonicwall:sonicos:6.4.0.0:*:*:*:*:*:*:* OR cpe:/o:sonicwall:sonicos:6.5.1.8:*:*:*:*:*:*:* OR cpe:/o:sonicwall:sonicos:6.0.5.3-86o:*:*:*:*:*:*:* OR cpe:/o:sonicwall:sonicosv:6.5.0.2-8v_rc363:*:*:*:*:vmware:*:* OR cpe:/o:sonicwall:sonicosv:6.5.0.2.8v_rc367:*:*:*:*:azure:*:* OR cpe:/o:sonicwall:sonicosv:6.5.0.2.8v_rc368:*:*:*:*:aws:*:* OR cpe:/o:sonicwall:sonicosv:6.5.0.2.8v_rc366:*:*:*:*:hyper_v:*:* Configuration CCN 1 :cpe:/o:sonicwall:sonicos:5.9.1.10:*:*:*:*:*:*:* BACK
sonicwall sonicos *
sonicwall sonicos 6.2.7.3
sonicwall sonicos 6.5.1.3
sonicwall sonicos 6.5.2.2
sonicwall sonicos 6.5.3.1
sonicwall sonicos 6.2.7.8
sonicwall sonicos 6.4.0.0
sonicwall sonicos 6.5.1.8
sonicwall sonicos 6.0.5.3-86o
sonicwall sonicosv 6.5.0.2-8v_rc363
sonicwall sonicosv 6.5.0.2.8v_rc367
sonicwall sonicosv 6.5.0.2.8v_rc368
sonicwall sonicosv 6.5.0.2.8v_rc366
sonicwall sonicos 5.9.1.10
Denotes that component is vulnerable