CVE-2020-5129 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2020-5129?

CVE-2020-5129 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-5129?

Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Sma1000 Firmware, Sonicwall Sma1000.

Vulnerability Description

A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Sonicwall	Sma1000 Firmware	<= 12.1.0-06411
Sonicwall	Sma1000	-

Related Weaknesses (CWE)

CWE-248 CWE-444

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0002Vendor Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0002Vendor Advisory

FAQ

What is CVE-2020-5129?

CVE-2020-5129 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000...

How severe is CVE-2020-5129?

CVE-2020-5129 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-5129?

Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Sma1000 Firmware, Sonicwall Sma1000.