CVE-2020-5143 : Security Advisory and Response

Learn about CVE-2020-5143, a vulnerability in SonicOS SSLVPN login page allowing remote attackers to enumerate firewall management administrator usernames. Find mitigation steps here.

A vulnerability in the SonicOS SSLVPN login page allows remote attackers to enumerate firewall management administrator usernames. It affects various SonicOS versions.

Understanding CVE-2020-5143

The vulnerability in the SonicOS SSLVPN login page lets unauthenticated remote attackers enumerate usernames based on the server's responses.

What is CVE-2020-5143?

CVE-2020-5143 is a vulnerability in the SonicOS SSLVPN login page that allows remote unauthenticated attackers to enumerate firewall management administrator usernames.

The Impact of CVE-2020-5143

The vulnerability affects SonicOS Gen 5 versions 5.9.1.7 and 5.9.1.13; Gen 6 versions 6.5.4.7, 6.5.1.12 and 6.0.5.3; SonicOSv 6.5.4.v; and Gen 7 version SonicOS 7.0.0.0.

Technical Details of CVE-2020-5143

This section covers the technical details of the CVE-2020-5143 vulnerability.

Vulnerability Description

The SonicOS SSLVPN login page vulnerability allows remote unauthenticated attackers to enumerate firewall management administrator usernames.

Affected Systems and Versions

        SonicOS 6.5.4.7-79n and earlier
        SonicOS 5.9.1.7-2n and earlier
        SonicOS 5.9.1.13-5n and earlier
        SonicOS 6.5.1.11-4n and earlier
        SonicOS 6.0.5.3-93o and earlier
        SonicOSv 6.5.4.4-44v-21-794 and earlier
        SonicOS 7.0.0.0-1

Exploitation Mechanism

The vulnerability allows attackers to exploit the SonicOS SSLVPN login page to enumerate firewall management administrator usernames.

Mitigation and Prevention

The following steps mitigate and prevent the CVE-2020-5143 vulnerability.

Immediate Steps to Take

        Apply patches provided by SonicWall.
        Monitor network traffic for any suspicious activity.
        Restrict access to the affected systems.
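
As an added illustration of the monitoring step (not SonicWall or Cloud Defense code), the Python below flags source addresses that submit failed logins for many distinct usernames within a short window, the pattern username enumeration produces, while ignoring one user retrying a password. The four-field log format, the sample lines and the thresholds are constructed assumptions; map your own login logs into those fields.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in a hypothetical "time source username result" format.
SAMPLE_LOG = """\
2020-10-12T09:00:01 203.0.113.7 admin fail
2020-10-12T09:00:03 203.0.113.7 administrator fail
2020-10-12T09:00:05 203.0.113.7 root fail
2020-10-12T09:00:07 203.0.113.7 netadmin fail
2020-10-12T09:00:09 203.0.113.7 fwadmin fail
2020-10-12T09:01:00 198.51.100.20 jsmith fail
2020-10-12T09:01:10 198.51.100.20 jsmith fail
2020-10-12T09:01:20 198.51.100.20 jsmith fail
2020-10-12T09:01:30 198.51.100.20 jsmith ok
2020-10-12T08:00:00 192.0.2.50 alice fail
2020-10-12T10:00:00 192.0.2.50 bob fail
2020-10-12T12:00:00 192.0.2.50 carol fail
2020-10-12T14:00:00 192.0.2.50 dave fail
2020-10-12T16:00:00 192.0.2.50 erin fail
"""

def parse(line):
    ts, src, user, result = line.split()
    return datetime.fromisoformat(ts), src, user, result

def find_enumeration(lines, min_users=5, window=timedelta(minutes=5)):
    """Map each source that failed logins for at least min_users distinct
    usernames inside one sliding window to the usernames it tried."""
    recent = defaultdict(deque)  # source -> (time, username) still in window
    flagged = defaultdict(set)
    events = sorted(parse(l) for l in lines if l.strip())
    for ts, src, user, result in events:
        if result != "fail":
            continue  # only failed attempts count toward the threshold
        q = recent[src]
        q.append((ts, user))
        while ts - q[0][0] > window:  # drop attempts older than the window
            q.popleft()
        users = {u for _, u in q}
        if len(users) >= min_users:
            flagged[src] |= users
    return {src: sorted(users) for src, users in flagged.items()}

if __name__ == "__main__":
    for src, users in find_enumeration(SAMPLE_LOG.splitlines()).items():
        print(f"{src}: {len(users)} distinct usernames: {', '.join(users)}")
```

Tune `min_users` and `window` to the login volume of the SSLVPN portal, since a shared NAT address with many mistyping users can otherwise cross the threshold.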

Long-Term Security Practices

        Regularly update SonicOS to the latest version.
        Implement strong password policies.
        Conduct security training for employees.

Patching and Updates

        SonicWall has released patches to address the vulnerability.
