Vulnerability: Brute-Force Attack on IPsec VPN Blade's SSL Network Extender Portal

Vulnerability: Brute-Force Attack on IPsec VPN Blade's SSL Network Extender Portal

CVE-2022-23746 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords.

Learn more about our Network Penetration Testing.