Vulnerabilities > CVE-2023-1101 - Improper Restriction of Excessive Authentication Attempts vulnerability in Sonicwall Sonicos

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

sonicwall

CWE-307

NVD

Published: 2023-03-02

Updated: 2023-03-14

Summary

SonicOS SSLVPN improper restriction of excessive MFA attempts vulnerability allows an authenticated attacker to use excessive MFA codes.

Vulnerable Configurations

Part	Description	Count
OS	Sonicwall Sonicwall Sonicos - Sonicwall Sonicos 5.8.0.0 Sonicwall Sonicos 5.9.0.7 Sonicwall Sonicos 5.9.1.0 Sonicwall Sonicos 5.9.1.10 Sonicwall Sonicos 5.9.1.12 Sonicwall Sonicos 5.9.1.12-4O Sonicwall Sonicos 5.9.1.13 Sonicwall Sonicos 6.0.0.0 Sonicwall Sonicos 6.0.5.3 Sonicwall Sonicos 6.0.5.3-86O Sonicwall Sonicos 6.0.5.3-94O Sonicwall Sonicos 6.1.2.0 Sonicwall Sonicos 6.2.0.0 Sonicwall Sonicos 6.2.0.1 Sonicwall Sonicos 6.2.1.0 Sonicwall Sonicos 6.2.3.1 Sonicwall Sonicos 6.2.4.0 Sonicwall Sonicos 6.2.4.3 Sonicwall Sonicos 6.2.5.0 Sonicwall Sonicos 6.2.5.3 Sonicwall Sonicos 6.2.6.0 Sonicwall Sonicos 6.2.6.1 Sonicwall Sonicos 6.2.7.0 Sonicwall Sonicos 6.2.7.1 Sonicwall Sonicos 6.2.7.3 Sonicwall Sonicos 6.2.7.4 Sonicwall Sonicos 6.2.7.4-32N Sonicwall Sonicos 6.2.7.5 Sonicwall Sonicos 6.2.7.7 Sonicwall Sonicos 6.2.7.8 Sonicwall Sonicos 6.2.7.10-3N Sonicwall Sonicos 6.4.0.0 Sonicwall Sonicos 6.4.1.0-3N Sonicwall Sonicos 6.5.0.0 Sonicwall Sonicos 6.5.0.3 Sonicwall Sonicos 6.5.1.0 Sonicwall Sonicos 6.5.1.3 Sonicwall Sonicos 6.5.1.4 Sonicwall Sonicos 6.5.1.4-4N Sonicwall Sonicos 6.5.1.5 Sonicwall Sonicos 6.5.1.8 Sonicwall Sonicos 6.5.1.9-4N Sonicwall Sonicos 6.5.1.11 Sonicwall Sonicos 6.5.1.12-3N Sonicwall Sonicos 6.5.2.0 Sonicwall Sonicos 6.5.2.1 Sonicwall Sonicos 6.5.2.2 Sonicwall Sonicos 6.5.2.3 Sonicwall Sonicos 6.5.2.3-4N Sonicwall Sonicos 6.5.3.0 Sonicwall Sonicos 6.5.3.1 Sonicwall Sonicos 6.5.3.3 Sonicwall Sonicos 6.5.3.3-3N Sonicwall Sonicos 6.5.4.0 Sonicwall Sonicos 6.5.4.0. Sonicwall Sonicos 6.5.4.3 Sonicwall Sonicos 6.5.4.4 Sonicwall Sonicos 6.5.4.4-44N Sonicwall Sonicos 6.5.4.4-44V-21-1551 Sonicwall Sonicos 6.5.4.5 Sonicwall Sonicos 6.5.4.6-79N Sonicwall Sonicos 6.5.4.7 Sonicwall Sonicos 6.5.4.7-83N Sonicwall Sonicos 7.0.0.0 Sonicwall Sonicos 7.0.1-5030-R2007 Sonicwall Sonicos 7.0.1-5083 Sonicwall Sonicos 5.0.0.0 Sonicwall Sonicos 5.0.0.6 Sonicwall Sonicos 5.0.0.8 Sonicwall Sonicos 5.0.0.13 Sonicwall Sonicos 5.8.0.2 Sonicwall Sonicos 5.8.1.5 Sonicwall Sonicos 5.8.1.10 Sonicwall Sonicos 5.9.0.0 Sonicwall Sonicos 6.2.2.0 Sonicwall Sonicos 6.2.9.0 Sonicwall Sonicos 6.2.9.1 Sonicwall Sonicos 6.2.9.2 Sonicwall Sonicos 6.5.4.4-44V-21-2340 Sonicwall Sonicos 6.5.4.11-97N Sonicwall Sonicos 6.5.4.13-105N Sonicwall Sonicos 7.0.1 Sonicwall Sonicos 7.0.1-5019 Sonicwall Sonicos 7.0.1-5023 Sonicwall Sonicos 7.0.1-5026 Sonicwall Sonicos 7.0.1-5030 Sonicwall Sonicos 7.0.1-5030-R945 Sonicwall Sonicos 7.0.1-5052 Sonicwall Sonicos 7.0.1-5054 Sonicwall Sonicos 7.0.1-5065 Sonicwall Sonicos 7.0.1-5072 Sonicwall Sonicos 7.0.1-5080	95
Hardware	Sonicwall Sonicwall NSA 2700 - Sonicwall NSA 3700 - Sonicwall NSA 4700 - Sonicwall NSA 5700 - Sonicwall NSA 6700 - Sonicwall Nssp 10700 - Sonicwall Nssp 11700 - Sonicwall Nssp 13700 - Sonicwall NSV 270 - Sonicwall NSV 470 - Sonicwall NSV 870 - Sonicwall Tz270 - Sonicwall Tz270W - Sonicwall Tz370 - Sonicwall Tz370W - Sonicwall Tz470 - Sonicwall Tz470W - Sonicwall Tz570 - Sonicwall Tz570P - Sonicwall Tz570W - Sonicwall Tz670 - Sonicwall Nssp 15700 - Sonicwall NSV 10 - Sonicwall NSV 100 - Sonicwall NSV 1600 - Sonicwall NSV 200 - Sonicwall NSV 25 - Sonicwall NSV 300 - Sonicwall NSV 400 - Sonicwall NSV 50 - Sonicwall NSV 800 - Sonicwall NSA 2600 - Sonicwall NSA 2650 - Sonicwall NSA 3600 - Sonicwall NSA 3650 - Sonicwall NSA 4600 - Sonicwall NSA 4650 - Sonicwall NSA 5600 - Sonicwall NSA 5650 - Sonicwall NSA 6600 - Sonicwall NSA 6650 - Sonicwall NSA 9250 - Sonicwall NSA 9450 - Sonicwall NSA 9650 - Sonicwall Nssp12400 - Sonicwall Nssp12800 - Sonicwall Sm10200 - Sonicwall Sm10400 - Sonicwall Sm10800 - Sonicwall Sm9200 - Sonicwall Sm9400 - Sonicwall Sm9600 - Sonicwall Sm9800 - Sonicwall Soho 250 - Sonicwall Soho 250W - Sonicwall Sohow - Sonicwall Tz300 - Sonicwall Tz300P - Sonicwall Tz300W - Sonicwall Tz350 - Sonicwall Tz350W - Sonicwall Tz400 - Sonicwall Tz400W - Sonicwall Tz500 - Sonicwall Tz500W - Sonicwall Tz600 - Sonicwall Tz600P -	67

Common Weakness Enumeration (CWE)

CWE-307 - Improper Restriction of Excessive Authentication Attempts

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0005