CVE-2024-12802: SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security...

9.1 CVSS

Description

SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and potentially enabling attackers to bypass MFA by exploiting the alternative account name.

Classification

CVE ID: CVE-2024-12802

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products

Vendor: SonicWall

Product: SonicOS

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.48% (scored less or equal to compared to others)

EPSS Date: 2025-02-07 (when was this score calculated)

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0001

Timeline

2025-01-10 00:30:14 UTC
CVE

SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security...