SonicWall SSO-Agent NetAPI Vulnerability allows an attacker to force SSO Agent authentication, potentially leading to firewall access control bypass

The SonicWall SSO-agent default configuration uses Microsoft NetAPI to probe the associated IPs in the network. This client probing method allows a potential attacker to capture the password hash of the privileged user and potentially force the SSO Agent to authenticate, allowing the attacker to bypass firewall access controls.

The SonicWall SSO agent is ONLY affected if NetAPI is selected as a client probing method. The issue lies in Microsoft NetAPI and the NetWkstaUserEnum request that it uses.
CVE: CVE-2020-5148
Last updated: March 4, 2021, 11:48 p.m.
