en-US
search-icon
SNWL - Icons

SonicWall Support Alert - SonicWall GMS Service Bulletin for Cross-Site Scripting Vulnerability 7.x

"

Dell SonicWALL GMS Service Bulletin for Cross-Site Scripting Vulnerability


Dear Customer,

A vulnerability was reported in Dell SonicWALL GMS/Analyzer/UMA in October 2013.

This is a service bulletin for 125782, a mandatory HotFix that resolves the vulnerability in SonicWALL GMS, Analyzer, and on the Universal Management Appliance EM5000 (UMA EM5000). This HotFix must be applied to your version 5.1.x, 6.0.x, and 7.0.x GMS, Analyzer, and UMA deployments after applying HotFixes 125076.77 and 125323. These Hotfixes can be downloaded from www.mysonicwall.com.

Affected Products

Dell SonicWALL Appliances

  • GMS
  • Analyzer
  • UMA E5000

Affected Software Versions

Version 7.x

Issue Summary

Cross-site scripting vulnerability.

Resolution

We recommend existing users of Dell SonicWALL GMS/Analyzer/UMA 7.1 to apply SP1 (if they have not already done so), and then apply Hotfix 134235 to prevent cross-site scripting by unauthorized users. 7.1 SP1 and the Hotfix are available for download from www.mysonicwall.com. Users should log into mySonicWALL and click on Downloads > Download Center in the navigation panel on the left, then select �GMS/Analyzer� in the Software Type drop down menu.

Reported By

Benjamin Kunz Mejri, Vulnerability Research Laboratory

Additional Information

Please contact Dell Software Support

"