Vulnerability Name: CVE-2018-9867 (CCN-157474)
Assigned: 2018-04-09
Published: 2019-02-19
Updated: 2022-06-16
Summary: In SonicWall SonicOS, administrators without full permissions can download imported certificates. The issue occurs when administrators who are not in the SonicWall Administrators user group attempt to download imported certificates. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).
CVSS v3 Severity:
  5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
  4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
  Exploitability Metrics:
    Attack Vector (AV): Local
    Attack Complexity (AC): Low
    Privileges Required (PR): Low
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): High
    Integrity (I): None
    Availability (A): None
  6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)
  5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): Low
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): High
    Availability (A): None
CVSS v2 Severity:
  2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
  Exploitability Metrics:
    Access Vector (AV): Local
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Partial
    Integrity (I): None
    Availability (A): None
  6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:C/A:N)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): Single_Instance
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): Complete
    Availability (A): None
Vulnerability Type: CWE-732
Vulnerability Consequences: Gain Access
References:
  Source: MITRE
  Type: CNA
  CVE-2018-9867

  Source: XF
  Type: UNKNOWN
  sonicwall-cve20189867-unauthorized-access(157474)

  Source: CONFIRM
  Type: Vendor Advisory
  https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0017

  Source: CCN
  Type: SonicWall Web site
  MAKE YOUR MOVE TO THE CLOUD FASTER. AND SAFER.

  Source: CCN
  Type: Tenable Advisory ID: TRA-2019-08
  SonicOS Improper Certificate Access

  Source: MISC
  Type: Third Party Advisory
  https://www.tenable.com/security/research/tra-2019-08

Vulnerable Configuration:
  Configuration 1:
    cpe:/o:sonicwall:sonicos:*:*:*:*:*:*:*:* (Version >= 5.0.0.0 and <= 5.9.1.10)
    OR cpe:/o:sonicwall:sonicos:6.2.7.3:*:*:*:*:*:*:*
    OR cpe:/o:sonicwall:sonicos:6.5.1.3:*:*:*:*:*:*:*
    OR cpe:/o:sonicwall:sonicos:6.5.2.2:*:*:*:*:*:*:*
    OR cpe:/o:sonicwall:sonicos:6.5.3.1:*:*:*:*:*:*:*
    OR cpe:/o:sonicwall:sonicos:6.2.7.8:*:*:*:*:*:*:*
    OR cpe:/o:sonicwall:sonicos:6.4.0.0:*:*:*:*:*:*:*
    OR cpe:/o:sonicwall:sonicos:6.5.1.8:*:*:*:*:*:*:*
    OR cpe:/o:sonicwall:sonicos:6.0.5.3-86o:*:*:*:*:*:*:*
    OR cpe:/o:sonicwall:sonicosv:6.5.0.2-8v_rc363:*:*:*:*:vmware:*:*
    OR cpe:/o:sonicwall:sonicosv:6.5.0.2.8v_rc367:*:*:*:*:azure:*:*
    OR cpe:/o:sonicwall:sonicosv:6.5.0.2.8v_rc368:*:*:*:*:aws:*:*
    OR cpe:/o:sonicwall:sonicosv:6.5.0.2.8v_rc366:*:*:*:*:hyper_v:*:*
  Configuration CCN 1:
    cpe:/o:sonicwall:sonicos:5.9.1.10:*:*:*:*:*:*:*
sonicwall sonicos *
sonicwall sonicos 6.2.7.3
sonicwall sonicos 6.5.1.3
sonicwall sonicos 6.5.2.2
sonicwall sonicos 6.5.3.1
sonicwall sonicos 6.2.7.8
sonicwall sonicos 6.4.0.0
sonicwall sonicos 6.5.1.8
sonicwall sonicos 6.0.5.3-86o
sonicwall sonicosv 6.5.0.2-8v_rc363
sonicwall sonicosv 6.5.0.2.8v_rc367
sonicwall sonicosv 6.5.0.2.8v_rc368
sonicwall sonicosv 6.5.0.2.8v_rc366
sonicwall sonicos 5.9.1.10