CVE-2024-12802

Summary

SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and potentially enabling attackers to bypass MFA by exploiting the alternative account name.

Affected Software

VendorProductVersion RangeStatus
SonicWallSonicOS6.5.4.4-44v-21-2457 and older versionsaffected
SonicWallSonicOS6.5.4.15-117n and older versionsaffected
SonicWallSonicOS7.0.1-5161 and older versionsaffected
SonicWallSonicOS7.1.1-7058 and older versionsaffected
SonicWallSonicOS7.1.2-7019affected
SonicWallSonicOS8.0.0-8035affected

Weaknesses

  • CWE-305: CWE-305 Authentication Bypass by Primary Weakness

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References