CVE-2019-7478

Summary

A vulnerability in GMS allow unauthenticated user to SQL injection in Webservice module. This vulnerability affected GMS versions GMS 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1.

Affected Software

VendorProductVersion RangeStatus
SonicWallGMSGMS 8.4affected
SonicWallGMSGMS 8.5affected
SonicWallGMSGMS 8.6affected
SonicWallGMSGMS 8.7affected
SonicWallGMSGMS 9.0affected
SonicWallGMSGMS 9.1affected

Weaknesses

  • CWE-89: CWE-89: Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CVE Program Container

Additional References

References