Home

Description

Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

PUBLISHED Reserved 2023-05-25 | Published 2023-07-13 | Updated 2025-02-13 | Assigner sonicwall

Problem types

CWE-836 Use of Password Hash Instead of Password for Authentication

Product status

Default status
unknown

9.3.2-SP1 and earlier versions
affected

Default status
unknown

2.5.0.4-R7 and earlier versions
affected

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010 vendor-advisory

www.sonicwall.com/support/notices/230710150218060 related

packetstormsecurity.com/...9.9320-Remote-Code-Execution.html

cve.org (CVE-2023-34132)

nvd.nist.gov (CVE-2023-34132)

Download JSON