VYPR

SSO-agent

by SonicWall

CVEs (2)

  • CVE-2022-22703Jan 17, 2022
    risk 0.00cvss epss 0.00

    In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.

  • CVE-2020-5148Mar 5, 2021
    risk 0.00cvss epss 0.01

    SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentially forces the SSO Agent to authenticate allowing an attacker…