CVE-2024-22394

CVE-2024-22394

Vendor Sonicwall
Product SonicOS
Weakness CWE-287 · Improper authentication
Published February 8, 2024
Last update August 22, 2024

CVSS base score

What the vulnerability does

01Description

An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication.  This issue affects only firmware version SonicOS 7.1.1-7040.

Key dates

02Disclosure timeline

February 8, 2024 CVE published
August 22, 2024 Record updated