CVSS 3.1 Score 6.5 of 10 (medium)


Published Oct 17, 2023
Updated: Oct 19, 2023
CWE ID 787
CWE ID 121


CVE-2023-39277 is a vulnerability that affects various SonicOS products. It is a post-authentication stack-based buffer overflow in the sonicflow.csv and appflowsessions.csv URL endpoints, which can lead to a firewall crash. The risk score for this vulnerability is 25. To remediate it, organizations should apply any available SonicOS patches or updates. The vulnerability can result in network downtime and compromise the security of the firewall system.
