SonicWall Critical Product Notification - GMS and Analyzer mandatory hotfix
12/20/2019
DESCRIPTION:
GMS and Analyzer Systems
Critical Product Notification
Dear Customer,
An urgent, mandatory hotfix is required to be applied immediately to GMS and Analyzer systems to resolve a high-severity vulnerability.
A set of login authentication vulnerabilities has been discovered in SonicWALL GMS and Analyzer systems. These vulnerabilities are design flaws and none of them are a “backdoor” as erroneously reported in the press.
Please immediately install a mandatory Hotfix for the products listed below. This Hotfix will remove the vulnerability and prevent an attacker from exploiting the application.
See the Support Bulletin and Knowledge Base article for more information. The Hotfix can be downloaded from www.mysonicwall.com. The Release Note found on MySonicWALL.com contains instructions on how to apply the hotfix.
Affected Products
- Dell SonicWALL Appliances
- GMS
- Analyzer
Affected Software Versions
- GMS/Analyzer 8.x
- GMS/Analyzer/UMA 7.x
Issue Summary
GMS/Analyzer contains vulnerabilities that could allow an unauthenticated, remote attacker to and gain administrative access to the GMS.
Resolution
Dell SonicWALL requires that all affected customers immediately install mandatory Hotfix #174525 to remove the vulnerability. This Hotfix can be downloaded from www.mysonicwall.com.
Sincerely,
The SonicWALL Customer Support Team
