CVE-2018-5280
published 2018-01-08CVE-2018-5280: SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.
PriorityP427medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
EPSS
2.51%
82.8th percentile
SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvdv2.03.5LOWAV:N/AC:M/Au:S/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8x78-9962-6w9r: SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens
ghsa_unreviewed·2022-05-14
CVE-2018-5280 [MEDIUM] CWE-79 GHSA-8x78-9962-6w9r: SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens
SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.
SonicWall
CVE-2018-5280: SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.
vendor_sonicwall·2018-01-08·CVSS 5.4
CVE-2018-5280 [MEDIUM] CWE-79 CVE-2018-5280: SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.
CVE-2018-5280: SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/102438https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0001https://www.vulnerability-lab.com/get_content.php?id=1725http://www.securityfocus.com/bid/102438https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0001https://www.vulnerability-lab.com/get_content.php?id=1725
2018-01-08
Published