Upgrade assistance on GMS 9.3 with Hotfix for SQL Injection Vulnerability

Description

This article describes to upgrade the GMS to the latest Hotfix for SQL Injection Vulnerability

Resolution

SonicWall Global Management System (GMS) contains a SQL Injection security vulnerability (CVE-2022-22280).It is recommended to upgrade to the GMS 9.3.1-SP2-Hotfix-2.

  • [[Security Notice: SonicWall GMS SQL Injection Vulnerability|220613083124303]]
Please ensure the current version of GMS on your environment is on 9.3.1-SP2-Hotfix-1 - 9.3.1 SP2-H1 version. As needed, download the below files from the MysonicWALL account.
 
Step 1:
GMS 9.3.9316 will be installed, iF you are on 9.3 version.
Download GMS Service Pack 1 - 9.3 SP1
Download GMS 9.3 MAR-22474.1-HotFix - 9.3.22474.1
Download GMS Service Pack 2 - 9.3.1 SP2
Download GMS 9.3.1-SP2-Hotfix-1 - 9.3.1 SP2-H1
Download GMS 9.3.1-SP2-Hotfix-2 - 9.3.1-SP2-Hotfix-2
                
    Image
Scroll down on the tab to see the GMS 9.3.1-SP2-Hotfix-2 on the page.
Step 2:
Please login to the GMS appliance
  • https://<IP address>/appliance/applianceMainPage
  • Navigate to System | Settings |FIRMWARE UPGRADE/SERVICE PACK/HOTFIX
  • Please verify the History for the current version.
Upload the files in the below sequence
GMS->9.3.9316 ->9.3 SP1-> 9.3 MAR-22474.1-HotFix ->9.3.1 SP2 -> 9.3.1 SP2-H1 ->9.3.1-SP2-Hotfix-2
 
NOTE: Please make sure to restart the appliance after applying each file.
NOTE: In case of distribution deployment install the hotfix first on console/AIOP system and then followed by on the agents.

 

Related Articles

  • Analytics On-Prem vs NSM Feature Matrix
    Read More
  • Analytics On-Prem End of Life and NSM Transition FAQ
    Read More
  • NSM On-Prem: Backups over SCP to Windows OpenSSH Server
    Read More

Categories

Management and Reporting
GMS
System
not finding your answers?
Ask the Community