CVE-2023-0656 - Vulnerability Details

A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sonicwall	Nsa 2700 Nsa 3700 Nsa 4700 Nsa 5700 Nsa 6700 Nssp 10700 Nssp 11700 Nssp 13700 Nssp 15700 Nsv 10 Nsv 100 Nsv 1600 Nsv 200 Nsv 25 Nsv 270 Nsv 300 Nsv 400 Nsv 470 Nsv 50 Nsv 800 Nsv 870 Sonicos Tz270 Tz270w Tz370 Tz370w Tz470 Tz470w Tz570 Tz570p Tz570w Tz670

Configuration 1 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsa_2700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_10700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_11700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_13700:-:::::::*
	cpe:2.3:h:sonicwall:nsv_270:-:::::::*
	cpe:2.3:h:sonicwall:nsv_470:-:::::::*
	cpe:2.3:h:sonicwall:nsv_870:-:::::::*
	cpe:2.3:h:sonicwall:tz270:-:::::::*
	cpe:2.3:h:sonicwall:tz270w:-:::::::*
	cpe:2.3:h:sonicwall:tz370:-:::::::*
	cpe:2.3:h:sonicwall:tz370w:-:::::::*
	cpe:2.3:h:sonicwall:tz470:-:::::::*
	cpe:2.3:h:sonicwall:tz470w:-:::::::*
	cpe:2.3:h:sonicwall:tz570:-:::::::*
	cpe:2.3:h:sonicwall:tz570p:-:::::::*
	cpe:2.3:h:sonicwall:tz570w:-:::::::*
	cpe:2.3:h:sonicwall:tz670:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsv_10:-:::::::*
	cpe:2.3:h:sonicwall:nsv_100:-:::::::*
	cpe:2.3:h:sonicwall:nsv_1600:-:::::::*
	cpe:2.3:h:sonicwall:nsv_200:-:::::::*
	cpe:2.3:h:sonicwall:nsv_25:-:::::::*
	cpe:2.3:h:sonicwall:nsv_300:-:::::::*
	cpe:2.3:h:sonicwall:nsv_400:-:::::::*
	cpe:2.3:h:sonicwall:nsv_50:-:::::::*
	cpe:2.3:h:sonicwall:nsv_800:-:::::::*

No data.

References

Link	Providers
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0004

History

No history.

MITRE

Status: PUBLISHED

Assigner: sonicwall

Published: 2023-03-02T00:00:00

Updated: 2024-08-02T05:17:50.372Z

Reserved: 2023-02-02T00:00:00

Link: CVE-2023-0656

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-03-02T22:15:09.487

Modified: 2024-11-21T07:37:34.140

Link: CVE-2023-0656

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object