SonicWall Service Bulletin GMS Analyzer Vulnerability Fix - July 2016

SonicWALL Service Bulletin GMS Analyzer Vulnerability Fix - July 2016

Vulnerabilities in the Dell SonicWALL GMS and Analyzer have been resolved.

Affected Products

Dell SonicWALL GMS and Analyzer

Affected Software Versions

Versions 8.0 and 8.1.

Issue Summary

Vulnerabilities were found pertaining to command injection, unauthorized XXE, default account, and unauthorized modification of virtual appliance networking information. 

To fix these vulnerabilities, Dell highly recommends that existing users of Dell SonicWALL GMS and Analyzer Hotfix 174525.

GMS/Analyzer/UMA Hotfix 174525 is available for download from https://www.mysonicwall.com. Users should log into MySonicWALL and click on Downloads > Download Center in the navigation panel on the left, then select GMS/Analyzer – Virtual Appliance or GMS/Analyzer – Windows in the Software Type drop down menu. Please see the Release Note for this Hotfix for detailed installation procedures.

Reported by

Digital Defense Inc. (DDI)

Additional Information

Please contact Dell SonicWALL Global Support Services https://support.sonicwall.com/manage-service-request