en-US
search-icon
SNWL - Icons

SonicWall Service Bulletin: GMS/Analyzer Vulnerability - April 2017

An Adobe Apache vulnerability has been patched in the SonicWall GMS and Analyzer.

Affected Products
SonicWall GMS and Analyzer

Affected Software Versions
Versions 8.1, 8.2, and 8.3

Issue Summary
This Hotfix addresses a SonicWall™ GMS/Analyzer Virtual Appliance and software vulnerability associated with Java deserialization. The vulnerability is not in the product itself but is located in the underlying Java CommonsCollections and Adobe BlazeDS.

To patch these vulnerabilities, SonicWall recommends that existing users of SonicWALL GMS and Analyzer apply Hotfix 185340.

GMS/Analyzer Hotfix 185340 is available for download from https://www.mysonicwall.com. Users should log into MySonicWall and click on Downloads > Download Center in the navigation panel on the left, then select GMS/Analyzer – Virtual Appliance or GMS/Analyzer – Windows in the Software Type drop down menu. Please see the Release Note for this release for detailed installation procedures.

Reported by
Code White Security, Markus Wulftange.  

Additional Information
Please see the Hotfix 185340 Release Note on MySonicwall.com.