Vulnerability Details CVE-2023-6340
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.8%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2023-6340
-
cpe:2.3:a:sonicwall:capture_client:3.5
-
cpe:2.3:a:sonicwall:capture_client:3.7.10
-
cpe:2.3:a:sonicwall:netextender:-
-
cpe:2.3:a:sonicwall:netextender:10.2.300
-
cpe:2.3:a:sonicwall:netextender:10.2.322
-
cpe:2.3:a:sonicwall:netextender:10.2.336
-
cpe:2.3:a:sonicwall:netextender:10.2.337
-
cpe:2.3:a:sonicwall:netextender:7.5
-
cpe:2.3:a:sonicwall:netextender:7.5.226
-
cpe:2.3:a:sonicwall:netextender:7.5.227
-
cpe:2.3:a:sonicwall:netextender:8.0
-
cpe:2.3:a:sonicwall:netextender:8.0.236
-
cpe:2.3:a:sonicwall:netextender:8.0.238
-
cpe:2.3:a:sonicwall:netextender:9.0.815