333 matches found
CVE-2020-5137
A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service DoS on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv...
CVE-2020-5139
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3,...
CVE-2020-5138
A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service DoS on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv...
CVE-2020-5138
A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service DoS on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv...
Buffer overflow
A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service DoS on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv...
Code injection
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3,...
Design/Logic Flaw
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS...
Heap overflow
A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service DoS on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv...
Code injection
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and G...
Cross site scripting
A stored cross-site scripting XSS vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen ...
CVE-2020-5143
SonicOS SSLVPN login page vulnerability CVE-2020-5143 allows remote unauthenticated username enumeration based on server responses. Affected: SonicOS Gen 5 (5.9.1.7, 5.9.1.13), Gen 6 (6.5.4.7, 6.5.1.12, 6.0.5.3), SonicOSv 6.5.4.v, Gen 7 (SonicOS 7.0.0.0). Root cause: username enumeration through ...
CVE-2020-5143
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and G...
CVE-2020-5141
The CVE-2020-5141 entry covers SonicOS SSLVPN: a remote, unauthenticated attacker can brute-force the Virtual Assist ticket ID in the SSLVPN service. Affected software includes SonicOS Gen 5 (5.9.1.7, 5.9.1.13), Gen 6 (6.5.4.7, 6.5.1.12, 6.0.5.3), SonicOSv 6.5.4.v, and Gen 7 (SonicOS 7.0.0.0). Th...
CVE-2020-5141
A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS...
CVE-2020-5142
CVE-2020-5142 is a stored XSS vulnerability in the SonicOS SSLVPN web interface. It affects SonicOS Gen 5 (5.9.1.7, 5.9.1.13), Gen 6 (6.5.4.7, 6.5.1.12, 6.0.5.3), SonicOSv 6.5.4.v, and Gen 7 (SonicOS 7.0.0.0). An unauthenticated remote attacker can inject and potentially execute arbitrary JavaScr...
CVE-2020-5142
A stored cross-site scripting XSS vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen ...
CVE-2020-5140
SonicOS SSLVPN memory address leakage vulnerability (CVE-2020-5140) allows a remote unauthenticated attacker to trigger a Denial of Service by sending a malicious HTTP request. Affected: SonicOS Gen 5 (5.9.1.7, 5.9.1.13), Gen 6 (6.5.4.7, 6.5.1.12, 6.0.5.3), SonicOSv 6.5.4.v, Gen 7 (SonicOS 7.0.0....
CVE-2020-5139
CVE-2020-5139 is a vulnerability in SonicOS SSLVPN that enables a remote unauthenticated attacker to cause a Denial of Service (DoS) by releasing an invalid pointer, resulting in a firewall crash. Affected products and versions documented in multiple sources include SonicOS Gen 5 (5.9.1.7, 5.9.1....
CVE-2020-5138
CVE-2020-5138 describes a heap overflow in SonicOS SSLVPN that allows a remote, unauthenticated attacker to cause a Denial of Service (DoS) and a SonicOS crash. Affected versions include SonicOS Gen 5 (5.9.1.7, 5.9.1.13), Gen 6 (6.5.4.7, 6.5.1.12, 6.0.5.3), SonicOSv 6.5.4.v, and Gen 7 (SonicOS 7....
CVE-2020-5139
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3,...