CVE-2015-3990

Published: May 20, 2015Modified: May 6, 2026

9.0

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability: 8.0 / Impact: 10.0

Source: NVD

Description

The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration.

Affected (3)

Products: Sonicwall: Uma Em5000 Firmware, Analyzer, Global Management System

Sonicwall

3 products

Uma Em5000 Firmware

Analyzer

Global Management System

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sonicwall Uma Em5000 Firmware	Up to 7.2

Running on/with	Platform Versions
Sonicwall Uma Em5000	All versions

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Sonicwall Analyzer	Up to 7.2
Sonicwall Global Management System	Up to 7.2

Related CWEs

CWE-19

References (8)

http://www.securityfocus.com/bid/74756

Source: zdi-disclosures@trendmicro.com

http://www.securitytracker.com/id/1032373

Source: zdi-disclosures@trendmicro.com

http://www.zerodayinitiative.com/advisories/ZDI-15-231/

Source: zdi-disclosures@trendmicro.com

https://support.software.dell.com/product-notification/152178

Source: zdi-disclosures@trendmicro.com

http://www.securityfocus.com/bid/74756

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1032373

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.zerodayinitiative.com/advisories/ZDI-15-231/

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.software.dell.com/product-notification/152178

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.