An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.
This issue affects only firmware version SonicOS 7.1.1-7040.
References
Link | Resource |
---|---|
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
14 Feb 2024, 21:46
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CPE | cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sonicos:7.1.1-7040:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:t2270:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:* |
|
First Time |
Sonicwall nsa 4700
Sonicwall nsv 870 Sonicwall tz370 Sonicwall nssp 13700 Sonicwall nsv 470 Sonicwall nsa 5700 Sonicwall nsa 2700 Sonicwall tz470 Sonicwall nsa 6700 Sonicwall nsv 270 Sonicwall nsa 3700 Sonicwall Sonicwall tz670 Sonicwall t2270 Sonicwall tz370w Sonicwall nssp 10700 Sonicwall tz570p Sonicwall tz270w Sonicwall tz470w Sonicwall nssp 11700 Sonicwall tz570 Sonicwall sonicos Sonicwall tz570w |
|
References | () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0003 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
08 Feb 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-08 02:15
Updated : 2024-02-14 21:46
NVD link : CVE-2024-22394
Mitre link : CVE-2024-22394
CVE.ORG link : CVE-2024-22394
JSON object : View
Products Affected
sonicwall
- tz470
- nsa_4700
- tz670
- tz270w
- nsa_3700
- nsv_870
- sonicos
- nsv_270
- nssp_10700
- nsv_470
- nsa_2700
- nssp_13700
- tz570w
- nssp_11700
- tz470w
- t2270
- tz570p
- nsa_6700
- tz570
- tz370
- tz370w
- nsa_5700
CWE
CWE-287
Improper Authentication