CVE-2024-45319

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-45319
A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.

6.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sonicwall:sma_200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_200:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:sonicwall:sma_210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_210:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:sonicwall:sma_400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_400:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:sonicwall:sma_410_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_410:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:sonicwall:sma_500v_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_500v:-:*:*:*:*:*:*:*
History

04 Nov 2025, 17:09

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad en el firmware SonicWall SMA100 SSLVPN 10.2.1.13-72sv y versiones anteriores permite que un atacante autenticado remoto pueda eludir el requisito del certificado durante la autenticación.
References () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018 - () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018 - Vendor Advisory
First Time Sonicwall sma 500v
Sonicwall sma 210 Firmware
Sonicwall
Sonicwall sma 410
Sonicwall sma 200
Sonicwall sma 400 Firmware
Sonicwall sma 210
Sonicwall sma 400
Sonicwall sma 500v Firmware
Sonicwall sma 200 Firmware
Sonicwall sma 410 Firmware
CPE cpe:2.3:h:sonicwall:sma_410:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_500v:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_500v_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_200:-:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:sonicwall:sma_410_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_210:-:*:*:*:*:*:*:*
cpe:2.3:h:sonicwall:sma_400:-:*:*:*:*:*:*:*

05 Dec 2024, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-12-05 14:15

Updated : 2025-11-04 17:09

NVD link : CVE-2024-45319

Mitre link : CVE-2024-45319

CVE.ORG link : CVE-2024-45319

JSON object : View

Products Affected

sonicwall

  • sma_400
  • sma_410_firmware
  • sma_200_firmware
  • sma_410
  • sma_210
  • sma_210_firmware
  • sma_400_firmware
  • sma_500v
  • sma_500v_firmware
  • sma_200
CWE
CWE-798

Use of Hard-coded Credentials