CVE-2020-5141
N/A
N/A
Summary
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SonicWall | SonicOS | SonicOS 6.5.4.7-79n and earlier | affected |
| SonicWall | SonicOS | SonicOS 5.9.1.7-2n and earlier | affected |
| SonicWall | SonicOS | SonicOS 5.9.1.13-5n and earlier | affected |
| SonicWall | SonicOS | SonicOS 6.5.1.11-4n and earlier | affected |
| SonicWall | SonicOS | SonicOS 6.0.5.3-93o and earlier | affected |
| SonicWall | SonicOS | SonicOSv 6.5.4.4-44v-21-794 and earlier | affected |
| SonicWall | SonicOS | SonicOS 7.0.0.0-1 | affected |
Weaknesses
- CWE-799: CWE-799: Improper Control of Interaction Frequency
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.