CVE-2020-5140
N/A
N/A
Summary
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SonicWall | SonicOS | SonicOS 6.5.4.7-79n and earlier | affected |
| SonicWall | SonicOS | SonicOS 5.9.1.7-2n and earlier | affected |
| SonicWall | SonicOS | SonicOS 5.9.1.13-5n and earlier | affected |
| SonicWall | SonicOS | SonicOS 6.5.1.11-4n and earlier | affected |
| SonicWall | SonicOS | SonicOS 6.0.5.3-93o and earlier | affected |
| SonicWall | SonicOS | SonicOSv 6.5.4.4-44v-21-794 and earlier | affected |
| SonicWall | SonicOS | SonicOS 7.0.0.0-1 | affected |
Weaknesses
- CWE-125: CWE-125: Out-of-bounds Read
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.