Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Recent vulnerability SNWLID-2020-0010

Hi,

Can someone please explain more on this.

Are all firmwares below latest affected? The advisory is confusing to read.

I have some Azure NSv's on SonicOS Enhanced 6.5.0.2-8v-37-628-6103f3e3

Are these affected?

Is there a patch for 6.5.0.2 Azure NSv or do I have to Re-deploy with Version 6.5.4.4 and upgrade to sonicwall_nsv_azure_6.5.4.4-44v-21-987

Category: Virtual Firewall
Reply

Answers

  • BWCBWC Cybersecurity Overlord ✭✭✭

    Hi @Otown

    in my understanding everything is affected listed here (including earlier releases):

    • SonicOS 6.5.4.7-79n and earlier
    • SonicOS 6.5.1.11-4n and earlier
    • SonicOS 6.0.5.3-93o and earlier
    • SonicOSv 6.5.4.4-44v-21-794 and earlier
    • SonicOS 7.0.0.0-1

    And it's fixed with these releases (and later).

    • SonicOS 6.5.4.7-83n
    • SonicOS 6.5.1.12-1n
    • SonicOS 6.0.5.3-94o
    • SonicOS 6.5.4.v-21s-987
    • Gen 7 7.0.0.0-2 and onwards


    I'am no NSv user, but I guess you can install 6.5.4.4-44V-21-987, which is available as .SWI file, only if you already running 6.5.4.4, which is not the case. I wasn't aware of such a limitation and it does not sound like maintaining of NSv that comfortable.

    --Michael@BWC

  • OtownOtown Newbie ✭
    edited October 16

    Cheers Michael, yeah its not as well explained as the other CVE's where they give you all the models and firmware versions to and from?

    Like

    • SonicOS 6.5.4.7-79n and earlier
    • SonicOS 6.5.1.11-4n and earlier

    why mention both, if it is 6.5.4 and earlier, that includes 6.5.1 ? Or why not say 6.5.2 also if you are mentioning all the 6.5.x versions? or 6.2.x?

    Unfortunately yes on the Azure NSv's if deployed pre 6.5.4 they are on 6.5.0. It sounds like using the VM re-deploy option in Azure will re-deploy with all the same azure resources but on 6.5.4 and then you just import the settings but again their guide is vaguely unhelpful :( .

  • MicahMicah Administrator

    Self-Service Sr. Manager at SonicWall. Say "hi" by tagging me at @micah.

  • OtownOtown Newbie ✭

    @Micah Thanks, thats a little clearer I guess.

    My NSv's in Azure are still a concern. I also have some on  6.5.4-757 and they do not find the new firmware when using the "advised" console method.... ughh


  • kthorkthor Newbie ✭

    Hello,

    Anyone seen statements regarding the SRA and SMA systems?


    K

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @kthor

    that's a valid question about SRA/SMA, not sure how far the similarties are internally.

    What I noticed, that the build date of 6.5.4.7-79n is Aug 22nd, that must be a heck of an internal review until it got released more then one month later.

    --Michael@BWC

Sign In or Register to comment.