CVE-2023-0655
published 2023-02-14CVE-2023-0655: SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive…
PriorityP427medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.72%
49.2th percentile
SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | email_security | <= 10.0.19.7431 | — |
| sonicwall | email_security | — | — |
| sonicwall | sonicwall_email_security | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-54c3-8q97-jg7f: SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive
ghsa_unreviewed·2023-02-14
CVE-2023-0655 [MEDIUM] CWE-209 GHSA-54c3-8q97-jg7f: SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive
SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses.
SonicWall
CVE-2023-0655: SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive
vendor_sonicwall·2023-02-14·CVSS 5.3
CVE-2023-0655 [MEDIUM] CWE-209 CVE-2023-0655: SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive
CVE-2023-0655: SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-02-14
Published