Description: The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
The CVSS Base Score is a score from 0 to 10 that represents the intrinsic severity of a vulnerability. A higher score indicates greater severity.
Database CWE: v4.18
CWE-305: Authentication Bypass by Primary Weakness ↗
The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
CWE-287: Improper Authentication ↗
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Fonte: MITRE CWE
The EPSS (Exploit Prediction Scoring System) is a score from 0 to 1 that indicates the probability that a vulnerability will be exploited in the real world in the next 30 days. A higher value indicates a greater likelihood of exploitation.
The Percentile indicates how much higher this vulnerability's EPSS score is compared to all other vulnerabilities in the EPSS database. For example, a percentile of 0.90 (90%) means that 90% of vulnerabilities have an EPSS score equal to or lower than the current one.
*Data updated as of: 2026-07-14
The CISA KEV Catalog lists vulnerabilities that have been actively exploited in the real world. If a CVE is present in this catalog, it indicates that the threat is immediate and mitigation should be a top priority.
CVE CVE-2023-34124 is not present in the CISA KEV Catalog. This indicates that it is not currently classified by CISA as an actively exploited vulnerability.