CVE-2023-34132
Published 2023-07-13
Priority P269 · critical · 9.8 (CVSS 3.1)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 6.55% (93.0th percentile)
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | analytics | <= 2.5.0.4-r7 | — |
| sonicwall | analytics | — | — |
| sonicwall | global_management_system | < 9.3.2 | 9.3.2 |
| sonicwall | global_management_system | — | — |
| sonicwall | gms | — | — |
| sonicwall | gms | — | — |
Detection & IOCs
- CVE-2023-34132 enables Pass-the-Hash attacks against SonicWall GMS and Analytics by accepting a password hash in place of a plaintext password for authentication. Monitor for authentication attempts using hashed credentials against GMS/Analytics login endpoints.
- CVE-2023-34132 is part of a broader exploit chain (alongside auth bypass, SQL injection, and shell injection CVEs) targeting SonicWall GMS <= 9.9.9320, culminating in remote code execution. Correlate detections with CVE-2023-34124 activity.
- Affected versions are GMS 9.3.2-SP1 and earlier, and Analytics 2.5.0.4-R7 and earlier. Scope detection rules to these versions to avoid false positives on patched systems.
SonicWall
vendor_sonicwall · 2023-07-13 · CVSS 9.8
CVE-2023-34132 [CRITICAL] CWE-836
GHSA
GHSA-j46v-q8ww-v3r9
ghsa_unreviewed · 2023-07-13
CVE-2023-34132 [CRITICAL] CWE-836
No detection rules found.
No writeups or analysis indexed.
- http://packetstormsecurity.com/files/174571/Sonicwall-GMS-9.9.9320-Remote-Code-Execution.html
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010
- https://www.sonicwall.com/support/notices/230710150218060
Published: 2023-07-13