SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.
References
| Link | Resource |
|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
History
14 Mar 2023, 16:42
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm10800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp12400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm10400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm10200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm9800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm9200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm9600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp12800:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sm9400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:* |
|
| References | (CONFIRM) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005 - Vendor Advisory | |
| First Time |
Sonicwall tz370
Sonicwall nssp12400 Sonicwall nsv 25 Sonicwall tz300w Sonicwall tz500w Sonicwall tz400 Sonicwall nsa 6600 Sonicwall sonicos Sonicwall nsa 9450 Sonicwall tz350 Sonicwall nsa 2650 Sonicwall tz300p Sonicwall nsa 3700 Sonicwall sm9600 Sonicwall nssp 10700 Sonicwall tz500 Sonicwall nsa 6700 Sonicwall nsa 3650 Sonicwall nsa 5600 Sonicwall tz570 Sonicwall nsv 50 Sonicwall soho 250 Sonicwall nsa 5650 Sonicwall tz570p Sonicwall tz600 Sonicwall tz350w Sonicwall nsv 1600 Sonicwall tz270 Sonicwall nssp 15700 Sonicwall sm9400 Sonicwall nssp 13700 Sonicwall sm9200 Sonicwall nsv 400 Sonicwall nsv 200 Sonicwall nsa 3600 Sonicwall soho 250w Sonicwall sm10800 Sonicwall nsv 870 Sonicwall nsv 10 Sonicwall nsv 300 Sonicwall nsv 100 Sonicwall tz470 Sonicwall nsa 6650 Sonicwall nsa 2700 Sonicwall nsa 4700 Sonicwall tz300 Sonicwall sohow Sonicwall tz270w Sonicwall nsv 470 Sonicwall nsa 9250 Sonicwall nsv 270 Sonicwall Sonicwall tz370w Sonicwall nsa 2600 Sonicwall nsv 800 Sonicwall nsa 4650 Sonicwall nsa 4600 Sonicwall nsa 5700 Sonicwall tz570w Sonicwall nssp 11700 Sonicwall nsa 9650 Sonicwall tz470w Sonicwall tz600p Sonicwall tz670 Sonicwall nssp12800 Sonicwall tz400w Sonicwall sm9800 Sonicwall sm10400 Sonicwall sm10200 |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| CWE | CWE-307 |
02 Mar 2023, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-03-02 22:15
Updated : 2023-12-10 14:48
NVD link : CVE-2023-1101
Mitre link : CVE-2023-1101
CVE.ORG link : CVE-2023-1101
JSON object : View
Products Affected
sonicwall
- sohow
- nsa_6700
- nsv_200
- tz350w
- nsv_400
- nsa_4600
- nsa_5650
- tz370w
- nsa_2600
- nsa_9650
- tz400w
- tz570w
- nsv_100
- nsv_1600
- nsv_50
- sm9200
- tz470w
- tz600
- tz370
- sm9800
- tz300
- tz270w
- nsa_4650
- tz500w
- nsv_25
- nsa_6650
- sm10400
- nsa_3650
- nssp_13700
- nsa_4700
- nsv_470
- tz470
- tz570
- nsa_9450
- nsv_800
- tz300p
- nsa_5600
- sonicos
- tz670
- tz350
- soho_250w
- nssp12800
- sm10800
- nsa_2700
- nsv_270
- nssp_11700
- nssp12400
- tz600p
- sm10200
- nsa_2650
- sm9400
- tz270
- sm9600
- soho_250
- nsv_300
- nsa_5700
- tz300w
- nsa_9250
- nsa_3700
- nsa_3600
- tz500
- nsa_6600
- nssp_15700
- tz400
- nsv_870
- tz570p
- nsv_10
- nssp_10700
CWE
CWE-307
Improper Restriction of Excessive Authentication Attempts