Welcome to our NEW support portal! We are now SonicWall, with a dedicated support site. Learn more.

SonicWALL GMS Product Notification

Self Service Tools
Knowledge Base
My SonicWall
Product Support
Professional Services
Software Downloads
Technical Documentation
Training and Certification
Video Tutorials
Support Essentials
Getting Started
License Agreement
Support Guide
Return
Critical Issue

Vulnerabilities in the SonicWall GMS and Analyzer have been resolved.

Affected Products

SonicWall GMS and Analyzer

Affected Software Versions

Versions 8.0 and 8.1

Issue Summary

Vulnerabilities were found pertaining to input validation/filter bypass, SQL Injection, XSS, and Adobe Flex bypass.

To fix these vulnerabilities, SonicWall recommends that existing users of SonicWall GMS and Analyzer upgrade to GMS/Analyzer 8.2.

GMS/Analyzer 8.2 is available for download from https://www.mySonicWall.com. Users should log into MySonicWall and click on Downloads > Download Center in the navigation panel on the left, then select GMS/Analyzer – Virtual Appliance or GMS/Analyzer – Windows in the Software Type drop down menu. Please see the Release Note for this release for detailed installation procedures.

Reported by

Vulnerability Labs (VL-ID-1819, input validation/filter bypass)

Zero Day Initiative (ZDI-CAN-3748, SQL Injection)

Zero Science Lab (VR-2016-01-C0V, SQL Injection; VR-2016-01-C1D, XSS; VR-2016-01-C1F, Adobe Flex Bypass)

Tenable Network Security (Remote Privilege Escalation)

Additional Information

Please contact SonicWall Support https://support.SonicWall.com/SonicWall-gms/software