SMA100 SSLVPN
by SonicWall
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-53703 | 0.02 | — | 0.29 | Dec 5, 2024 | A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution. | |||
| CVE-2024-53702 | 0.00 | — | 0.00 | Dec 5, 2024 | Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret. | |||
| CVE-2024-45319 | 0.00 | — | 0.01 | Dec 5, 2024 | A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication. | |||
| CVE-2024-45318 | 0.00 | — | 0.03 | Dec 5, 2024 | A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution. |
- CVE-2024-53703Dec 5, 2024risk 0.02cvss —epss 0.29
A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.
- CVE-2024-53702Dec 5, 2024risk 0.00cvss —epss 0.00
Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.
- CVE-2024-45319Dec 5, 2024risk 0.00cvss —epss 0.01
A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.
- CVE-2024-45318Dec 5, 2024risk 0.00cvss —epss 0.03
A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.