CVE-2020-5141

Medium

A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service.…

sonicwall·CWE-799·Published 2020-10-12

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

302 chars

A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.

NVDen

302 chars

NVDes

338 chars

Una vulnerabilidad en SonicOS, permite a un atacante remoto no autenticado usar fuerza bruta en el ID de ticket de Virtual Assist en el servicio SSLVPN del firewall. Esta vulnerabilidad afectó a SonicOS Gen 5 versiones 5.9.1.7, 5.9.1.13, Gen 6 versiones 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv versión 6.5.4.v y SonicOS Gen 7 versión 7.0.0.0

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.4	10.0	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N
3.1	Primary	NVD	6.5	3.9	2.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N