'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:331975)

Rule General Information
Release Date: 2021-01-05
Rule Name: Dell SonicWALL GMS-Analyzer license.jsp Information Disclosure Vulnerability
Severity:
CVE ID:
Rule Protection Details
Description: An information disclosure vulnerability exists in the license.jsp component of Dell SonicWALL GMS, Analyzer. The vulnerability is due to a design weakness where the page containing sensitive information, license.jsp, can be accessed without authentication. This page returns the serial number for the product, which allows an attacker to calculate the key needed to reset the admin password for the server. A remote, unauthenticated attacker could exploit this vulnerability by navigating to the license.jsp of a vulnerable server.
Impact: Successful exploit results in a disclosure of the Serial Number for the product. An attacker can use this information to gain access to the admin account on the server.
Affected OS: Windows, Linux
Reference: https://www.tenable.com/security/research/tra-2016-37
Solutions
Please contact the software vendor to update the software patch.