CVE-2019-7484
MEDIUM WAF: High
CVSS 6.5
Published: 2019-12-19
CWE-89 CWE-89
Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.
WAF Coverage Analysis
SQL Injection
High WAF Coverage
OWASP: A03:2021 Injection
942xxx - SQL Injection
SQL Injection
High WAF Coverage
OWASP: A03:2021 Injection
942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| sonicwall | sma_100_firmware | up to 9.0.0.3 |
References
- psirt.global.sonicwall.com (Vendor Advisory)