Vulnerability Description
SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 10.2.300 and earlier.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sonicwall | Netextender | <= 10.2.300 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/163857/SonicWall-NetExtender-10.2.0.300-UnqExploitThird Party AdvisoryVDB Entry
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0023Vendor Advisory
- http://packetstormsecurity.com/files/163857/SonicWall-NetExtender-10.2.0.300-UnqExploitThird Party AdvisoryVDB Entry
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0023Vendor Advisory
FAQ
What is CVE-2020-5147?
CVE-2020-5147 is a vulnerability with a CVSS score of 5.3 (MEDIUM). SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows a local attacker to gain elevated privileges in the host operating system. This vulnerability impact...
How severe is CVE-2020-5147?
CVE-2020-5147 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5147?
Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Netextender.