CVE-2020-5148
Description
SonicWall SSO-agent default configuration uses NetAPI to probe the associated IPs in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentially forces the SSO Agent to authenticate allowing an attacker to bypass firewall access controls.
Risk Information
Base Score
8.2
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
EPSS Score
Exploitation Probability
0.118
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Improper Authentication Vulnerability (CVE-2020-5148) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234