fkie_nvd - fkie_cve-2023-1101

fkie_cve-2023-1101

Vulnerability from fkie_nvd

Published

2023-03-02 22:15

Modified

2025-03-07 20:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.

References

	URL	Tags
	PSIRT@sonicwall.com	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005	Vendor Advisory

Impacted products

Vendor	Product	Version
sonicwall	sonicos	*
sonicwall	nsa_2700	-
sonicwall	nsa_3700	-
sonicwall	nsa_4700	-
sonicwall	nsa_5700	-
sonicwall	nsa_6700	-
sonicwall	nssp_10700	-
sonicwall	nssp_11700	-
sonicwall	nssp_13700	-
sonicwall	nsv_270	-
sonicwall	nsv_470	-
sonicwall	nsv_870	-
sonicwall	tz270	-
sonicwall	tz270w	-
sonicwall	tz370	-
sonicwall	tz370w	-
sonicwall	tz470	-
sonicwall	tz470w	-
sonicwall	tz570	-
sonicwall	tz570p	-
sonicwall	tz570w	-
sonicwall	tz670	-
sonicwall	sonicos	*
sonicwall	nssp_15700	-
sonicwall	sonicos	*
sonicwall	nsv_10	-
sonicwall	nsv_100	-
sonicwall	nsv_1600	-
sonicwall	nsv_200	-
sonicwall	nsv_25	-
sonicwall	nsv_300	-
sonicwall	nsv_400	-
sonicwall	nsv_50	-
sonicwall	nsv_800	-
sonicwall	sonicos	*
sonicwall	nsa_2600	-
sonicwall	nsa_2650	-
sonicwall	nsa_3600	-
sonicwall	nsa_3650	-
sonicwall	nsa_4600	-
sonicwall	nsa_4650	-
sonicwall	nsa_5600	-
sonicwall	nsa_5650	-
sonicwall	nsa_6600	-
sonicwall	nsa_6650	-
sonicwall	nsa_9250	-
sonicwall	nsa_9450	-
sonicwall	nsa_9650	-
sonicwall	nssp12400	-
sonicwall	nssp12800	-
sonicwall	sm10200	-
sonicwall	sm10400	-
sonicwall	sm10800	-
sonicwall	sm9200	-
sonicwall	sm9400	-
sonicwall	sm9600	-
sonicwall	sm9800	-
sonicwall	soho_250	-
sonicwall	soho_250w	-
sonicwall	sohow	-
sonicwall	tz300	-
sonicwall	tz300p	-
sonicwall	tz300w	-
sonicwall	tz350	-
sonicwall	tz350w	-
sonicwall	tz400	-
sonicwall	tz400w	-
sonicwall	tz500	-
sonicwall	tz500w	-
sonicwall	tz600	-
sonicwall	tz600p	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "680A1C61-AA45-4CA1-88F6-95EC0A275E41",
              "versionEndExcluding": "7.0.1-5111",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8B0C7A-FD65-47CA-A625-150A90EFA7A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A69E000B-5806-46FD-A233-4E2CC9DD38D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF4A322-7CC7-4AB9-B10E-FFF34DF2182D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C15FED5-C48C-47CF-9645-0563D77883C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A884B1BB-F201-4C77-9F6E-B8A884DCD4C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C3BA5A3-1160-4793-A8D6-40B9D264BCC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6739DEA3-06FF-4FEB-9931-0DB27F63B70E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0250EDF9-0AEF-4711-8EF6-D447CF48BCAF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2ABC8D8-2943-4073-9568-E87961A18998",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F57D527-AA3F-45E9-9BCE-6F76691066B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5ECCCF0-A5D8-42A8-8EC1-D12B49B1124A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70340DD4-687B-402C-85AF-C2B80D0F1600",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52847BA2-470B-4078-A79B-52095DB9214B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9853AE3A-B0EA-4249-AA7D-1F2051C9BF91",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DBDD10C-F89D-4051-BC70-67B41167FF9B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C23940E-2F9D-447B-A740-42035ED5D400",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90C790AD-C40E-4527-8F83-D278282A9600",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7DF76E0-8E3D-4E0D-A3BB-F5AE05A4C7C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "352DFCF9-E333-41C0-8033-91265768FD8E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C882C38-9DA5-4C03-BB23-AB2B448E3307",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEEA6065-48D3-4EC7-BD94-CBAE3D1010FF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C61C96E2-0679-4555-A5D6-75E1BE44CB1F",
              "versionEndIncluding": "7.0.1-5083",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D6CF3CF-256C-4C04-8BDF-B16398CD0459",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "715F6C7A-0A62-4261-8DD1-17F34AD5F710",
              "versionEndIncluding": "6.5.4.4-44v-21-1551",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75912A50-E148-43C9-9335-BE19977F8A70",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12CF8746-84DF-4FB6-B5B7-AAED39E7FA6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED84FC8-3E4E-4D29-B725-57AE7EEEC6DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0B21B1-ABA5-49E2-9B43-E85B9B447F45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "731B4849-2F0B-4625-B768-2287964ECDAF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC92834-A624-49D8-BF14-9F545C63EB0B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18066544-CD00-41A5-9392-6023020853D4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A644965-B1B8-4581-BCAC-8D6BCC961A03",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30061761-D324-43DD-B43D-F2DFEF987364",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24C1B08A-B303-44F3-9285-1539588476BD",
              "versionEndIncluding": "6.5.4.11-97n",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F86D13F9-D41E-4230-9116-A781FFAEF00D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7BCDFEE-DC5A-44B8-85DF-8BFC02B1A973",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A24BCC0-CE41-49AF-B03D-D4FCB422503B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "043858A6-26AC-4EB0-A240-A43AD08C6AD5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD73880-DC60-467F-99B6-69807D58A840",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73BB9452-A014-4A68-9662-63E6C60EEAD2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0CF683A-7E83-464B-8A0D-4CC641377FA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FAAEBB4-F180-4195-BA7F-591AB02EEDC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_6600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9C3F77-2F1A-4C4F-A8F8-CDBFB7B87891",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "676B05B2-716E-4DC4-BEE8-0E3BCCA5DB27",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60219D0D-240E-4C5E-ADEE-0144DB076F28",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "260EAE19-8320-4616-8833-B214D41FA98E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F17A77-EB74-4815-A026-6116755EFB37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp12400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD310CFE-1171-471A-8B29-A8974F06FF5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:nssp12800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "462177B2-E0EC-494A-93A8-9582DCECC368",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm10200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D96A9430-B9FC-48FE-8507-E7694F80EF5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm10400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A515B0BE-3655-48A1-B113-9A4E39A40CE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm10800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40C227CA-D865-47CC-AD4D-96ED19892BDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3547DE9C-A657-4AB6-AD00-5185BE7D227E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm9400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "88DB2D0B-8199-4241-A826-4BD91AB5D4E4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm9600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7079B7DB-CBC1-4116-929B-956C361AF764",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sm9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCBF16D6-4C60-440D-95AB-986ABC4F9100",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:soho_250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDE64E9-44DD-4B7C-BA34-FE2C79E3FAED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:soho_250w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E8F3935-89B4-4091-9B8C-442C02FD4F3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:sohow:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7268E89B-FF46-45AD-82FF-333505EF957B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09678BBE-7603-41D2-BF09-415CA33C7EFA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7003DBEF-CA74-4429-B567-5CFFB83762E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8AC8EAE-99BE-4889-9978-5083F71D7178",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "479B1418-CA62-4B24-A5DB-21F488941754",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E0AB47-5EE3-4F2F-B442-DA48C58C44D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D50B19A6-80C4-4FF7-9CD5-58938641D3DC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "745643D6-9336-4FBE-9625-99599DFBB8A2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C09B5BCD-C830-4C67-B966-1CA499F21D04",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA61303F-736E-411F-AEF3-6335C0795138",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3506950B-2404-41D2-8EF3-1694777D9EEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B4C9916-AD16-4E31-90A6-2AD577EA9783",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes."
    }
  ],
  "id": "CVE-2023-1101",
  "lastModified": "2025-03-07T20:15:36.463",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-03-02T22:15:09.560",
  "references": [
    {
      "source": "PSIRT@sonicwall.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005"
    }
  ],
  "sourceIdentifier": "PSIRT@sonicwall.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-307"
        }
      ],
      "source": "PSIRT@sonicwall.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-307"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-307"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CVE-2023-1101 (GCVE-0-2023-1101)

Vulnerability from cvelistv5

Published

2023-03-02 00:00

Modified

2025-03-07 19:19

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-307 - Improper Restriction of Excessive Authentication Attempts

Summary

SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.

References

URL

	Vendor	Product	Version
	SonicWall	SonicOS	Version: SonicOS 6.5.4.11-97n and earlier Version: SonicOS NSv 6.5.4.4-44v-21-1551 and earlier Version: SonicOS NSsp 7.0.1-5083 and earlier Version: SonicOS 7.0.1-5095 and earlier

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted