What the vulnerability does

01Description

SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability.

Key dates

02Disclosure timeline

September 30, 2020 CVE published
August 4, 2024 Record updated