SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP’s in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentially forces the SSO Agent to authenticate allowing an attacker to bypass firewall access controls.
[
{
"product": "Directory Services Connector",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "4.1.17 and earlier"
}
]
}
]