CVE-2020-5132 is a vulnerability in SonicWall Sonicos
Published on September 30, 2020
SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organizations internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2020-5132 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2020-5132
Want to know whenever a new CVE is published for SonicWall Sonicos? stack.watch will email you.
Affected Versions
SonicWall SMA100:- Version SMA100 10.2.0.2-20sv is affected.
- Version SMA1000 12.4.0-2223 is affected.
- Version SonicOS 6.5.4.6-79n is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.