Improper Validation in SonicOS SSLVPN LDAP Login Request Allows Remote DNS Interaction

Improper Validation in SonicOS SSLVPN LDAP Login Request Allows Remote DNS Interaction

CVE-2020-5130 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier.

Learn more about our External Network Penetration Testing.