What is the severity of CVE-2023-5970?

CVE-2023-5970 is classified as a medium severity vulnerability.

How do I fix CVE-2023-5970?

To mitigate CVE-2023-5970, upgrade your SonicWall SMA firmware to version above 10.2.1.9-57sv.

What types of attacks can CVE-2023-5970 facilitate?

CVE-2023-5970 can allow an attacker to bypass MFA by creating an identical external domain user using accent characters.

Which SonicWall products are affected by CVE-2023-5970?

CVE-2023-5970 affects SonicWall SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v firmware with specified versions.

Who can exploit CVE-2023-5970?

CVE-2023-5970 can be exploited by remote authenticated attackers with access to the SMA100 SSL-VPN virtual office portal.

Vulnerability/
CVE-2023-5970

high

8.8

CWE

287

EPSS

0.088%

5/12/2023

2/8/2024

CVE-2023-5970

First published: Tue Dec 05 2023(Updated: )

Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass.

Credit: PSIRT@sonicwall.com

Affected Software	Affected Version	How to fix
All of
SonicWall SMA 200	<=10.2.1.9-57sv
SonicWall SMA 200 firmware
All of
SonicWall SMA 210	<=10.2.1.9-57sv
SonicWall SMA 210 Firmware
All of
SonicWall SMA 400	<=10.2.1.9-57sv
SonicWall SMA 400 firmware
All of
SonicWall SMA 410	<=10.2.1.9-57sv
SonicWall SMA 410
All of
SonicWall SMA 500v Firmware	<=10.2.1.9-57sv
SonicWall SMA 500v Firmware

Never miss a vulnerability like this again

Reference Links

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0018

Frequently Asked Questions

What is the severity of CVE-2023-5970?
CVE-2023-5970 is classified as a medium severity vulnerability.
How do I fix CVE-2023-5970?
To mitigate CVE-2023-5970, upgrade your SonicWall SMA firmware to version above 10.2.1.9-57sv.
What types of attacks can CVE-2023-5970 facilitate?
CVE-2023-5970 can allow an attacker to bypass MFA by creating an identical external domain user using accent characters.
Which SonicWall products are affected by CVE-2023-5970?
CVE-2023-5970 affects SonicWall SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v firmware with specified versions.
Who can exploit CVE-2023-5970?
CVE-2023-5970 can be exploited by remote authenticated attackers with access to the SMA100 SSL-VPN virtual office portal.

agent/first-publish-date
agent/type
agent/event
agent/weakness
agent/author
agent/severity
agent/references
collector/epss-latest
source/FIRST
agent/description
agent/epss
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-api
agent/software-canonical-lookup-request
vendor/sonicwall
canonical/sonicwall sma 200
version/sonicwall sma 200/10.2.1.9-57sv
canonical/sonicwall sma 200 firmware
canonical/sonicwall sma 210
version/sonicwall sma 210/10.2.1.9-57sv
canonical/sonicwall sma 210 firmware
canonical/sonicwall sma 400
version/sonicwall sma 400/10.2.1.9-57sv
canonical/sonicwall sma 400 firmware
canonical/sonicwall sma 410
version/sonicwall sma 410/10.2.1.9-57sv
canonical/sonicwall sma 500v firmware
version/sonicwall sma 500v firmware/10.2.1.9-57sv

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.