Credential Exposure in SonicWall's Single Sign-On Agent
CVE-2020-5148

8.2HIGH

Key Information:

Vendor: Sonicwall
Status: Directory Services Connector
Vendor: CVE Published:; 5 March 2021

Summary

The SonicWall Single Sign-On (SSO) Agent is found to have a vulnerability due to its default configuration, which utilizes NetAPI to probe associated IP addresses within a network. This probing method can be exploited by an attacker to capture the password hash of users with privileged access. Consequently, this could allow the attacker to force the SSO Agent to authenticate improperly, thereby enabling them to bypass predefined firewall access controls and potentially gain unauthorized access to sensitive network resources.

Affected Version(s)

Directory Services Connector 4.1.17 and earlier

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 5, 2021
Vulnerability Reserved
Dec 31, 2019