Vulnerability in Sonicwall Sma100

CVE-2024-45319

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.

EPSS: 0.007 (73.2th percentile) — read the EPSS interpretation.

Affected products

Sonicwall Sma100 — versions 10.2.1.13-72sv and earlier versions

Weakness classification (CWE)

CWE-798 — Use of Hard-coded Credentials

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018 (vendor-advisory)