CVE-2023-34132
published 2023-07-13


Priority: P269 | critical | 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 6.55% (93.0th percentile)
Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

Affected

6 ranges
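| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | analytics | <= 2.5.0.4-r7 | |
| sonicwall | analytics | | |
| sonicwall | global_management_system | < 9.3.2 | 9.3.2 |
| sonicwall | global_management_system | | |
| sonicwall | gms | | |
| sonicwall | gms | | |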

Detection & IOCs (extracted from sources)

  • CVE-2023-34132 enables Pass-the-Hash attacks against SonicWall GMS and Analytics by accepting a password hash in place of a plaintext password for authentication. Monitor for authentication attempts using hashed credentials against GMS/Analytics login endpoints.
  • CVE-2023-34132 is part of a broader exploit chain (alongside auth bypass, SQL injection, and shell injection CVEs) targeting SonicWall GMS <= 9.9.9320, culminating in remote code execution. Correlate detections with CVE-2023-34124 activity.
  • Affected versions are 9.3.2-SP1 and earlier for GMS and 2.5.0.4-R7 and earlier for Analytics. Scope detection rules to these versions to avoid false positives on patched systems.