CVE-2023-34133

CVE-2023-34133

Vendor Sonicwall

Product GMS

Weakness CWE-89 · SQLi

Published July 13, 2023

Last update April 23, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SonicWall GMS and Analytics allows an unauthenticated attacker to extract sensitive information from the application database. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

Key dates

02Disclosure timeline

July 13, 2023 CVE published

April 23, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-34133 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

Identifiers

CVE CVE-2023-34133

CWE CWE-89

Affected versions

Vendor Sonicwall

Product GMS

Affected 9.3.2-SP1 and earlier versions

Vendor Sonicwall

Product Analytics

Affected 2.5.0.4-R7 and earlier versions

01Description

02Disclosure timeline

03References

04Related CVE