First published: Thu Jan 09 2025(Updated: )
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication.
Credit: PSIRT@sonicwall.com
Affected Software | Affected Version | How to fix |
---|---|---|
SonicWall SonicOS | ||
All of | ||
Any of | ||
SonicWall SonicOS | >=7.1.1-7040<=7.1.1-7058 | |
SonicWall SonicOS | =7.1.2-7019 | |
Any of | ||
SonicWall NSA 2700 | ||
SonicWall NSA 3700 Firmware | ||
SonicWall NSA 4700 | ||
SonicWall NSA 5700 | ||
SonicWall NSA 6700 Firmware | ||
SonicWall NSSP 10700 Firmware | ||
SonicWall NSSP 11700 | ||
SonicWall NSSP 13700 | ||
SonicWall NSSP 15700 | ||
SonicWall NSV 270 | ||
SonicWall NSV 470 Firmware | ||
SonicWall NSv 870 | ||
SonicWall TZ270 | ||
SonicWall TZ270W Firmware | ||
SonicWall TZ370 | ||
SonicWall TZ370W Firmware | ||
SonicWall TZ470 Firmware | ||
SonicWall TZ470W Firmware | ||
SonicWall TZ570 Firmware | ||
SonicWall TZ570P Firmware | ||
SonicWall TZ570W Firmware | ||
SonicWall TZ670 Firmware | ||
All of | ||
SonicWall SonicOS | =8.0.0-8035 | |
SonicWall TZ80 |
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-53704 is classified as a critical severity vulnerability due to its impact on authentication bypass.
To resolve CVE-2024-53704, administrators should update SonicWall SonicOS to the latest patched version.
CVE-2024-53704 affects SonicWall SonicOS versions between 7.1.1-7040 and 7.1.2-7019, as well as 8.0.0-8035.
Yes, CVE-2024-53704 can be exploited by remote attackers to bypass the SSLVPN authentication mechanism.
The potential impact of CVE-2024-53704 includes unauthorized access to systems and data, leading to significant security breaches.