CVE-2024-45319

Description

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Affected products

SonicWall / SMA10010.2.1.13-72sv and earlier versions – 10.2.1.13-72sv and earlier versions

References

VENDOR_ADVISORYhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018