SonicWall Service Bulletin: GMS/Analyzer Vulnerability - April 2017
An Adobe Apache vulnerability has been patched in the SonicWall GMS and Analyzer.
SonicWall GMS and Analyzer
Affected Software Versions
Versions 8.1, 8.2, and 8.3
This Hotfix addresses a SonicWall™ GMS/Analyzer Virtual Appliance and software vulnerability associated with Java deserialization. The vulnerability is not in the product itself but is located in the underlying Java CommonsCollections and Adobe BlazeDS.
To patch these vulnerabilities, SonicWall recommends that existing users of SonicWALL GMS and Analyzer apply Hotfix 185340.
GMS/Analyzer Hotfix 185340 is available for download from https://www.mysonicwall.com. Users should log into MySonicWall and click on Downloads > Download Center in the navigation panel on the left, then select GMS/Analyzer – Virtual Appliance or GMS/Analyzer – Windows in the Software Type drop down menu. Please see the Release Note for this release for detailed installation procedures.
Code White Security, Markus Wulftange.
Please see the Hotfix 185340 Release Note on MySonicwall.com.