Improper authentication in SonicOS - CVE-2024-22394
Published: February 8, 2024
SonicOS
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in the SonicWall SonicOS SSL-VPN feature. A remote attacker can bypass authentication process and gain unauthorized access to the network.
How to mitigate CVE-2024-22394
Note, the vulnerability affects only firmware version SonicOS 7.1.1-7040.
To resolve the vulnerability update SonicOS to version 7.1.1-7047 or higher.