SonicOS SSLVPN login page administrator username enumeration vulnerability

SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, and SonicOSv 6.5.4.v.
CVE: CVE-2020-5143
Last updated: Oct. 20, 2020, 9:53 a.m.

Original Article

Leave a Reply

Your email address will not be published. Required fields are marked *