CVE-2020-5148
First published: Fri Mar 05 2021(Updated: )
SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentially forces the SSO Agent to authenticate allowing an attacker to bypass firewall access controls.
Credit: PSIRT@sonicwall.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SonicWall Directory Services Connector | <4.1.19 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-5148?
CVE-2020-5148 is a vulnerability in SonicWall SSO-agent that allows an attacker to capture the password hash of a privileged user and bypass firewall authentication.
How does CVE-2020-5148 work?
CVE-2020-5148 works by exploiting the default configuration of SonicWall SSO-agent, which uses NetAPI to probe associated IP addresses in the network, allowing an attacker to capture password hashes and potentially bypass firewall authentication.
What is the severity of CVE-2020-5148?
CVE-2020-5148 has a severity rating of 8.2, which is considered high.
Which software is affected by CVE-2020-5148?
SonicWall Directory Services Connector version up to and excluding 4.1.19 is affected by CVE-2020-5148.
How can I protect against CVE-2020-5148?
To protect against CVE-2020-5148, it is recommended to update SonicWall Directory Services Connector to a version that includes the necessary security patches.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/event
- agent/type
- agent/tags
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/sonicwall
- canonical/sonicwall directory services connector