1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Dell patches critical flaws in SonicWALL Global Management System

Discussion in 'CSO' started by RSS, Jul 21, 2016.

  1. RSS

    RSS New Member Member

    Dell has patched several critical flaws in its central management system for SonicWALL enterprise security appliances, such as firewalls and VPN gateways.

    If left unfixed, the vulnerabilities allow remote, unauthenticated attackers to gain full control of SonicWALL Global Management System (GMS) deployments and the devices managed through those systems.

    The SonicWALL GMS virtual appliance software has six vulnerabilities, four of which are rated critical, according to researchers from security firm Digital Defense.

    First, unauthenticated attackers could inject arbitrary commands through the system's web interface that would be executed with root privileges. This is possible through two vulnerable methods: set_time_config and set_dns.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page