Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sonicwall

Published: 2023-12-05T20:20:01.534Z

Updated: 2024-08-02T08:14:25.142Z

Reserved: 2023-11-06T17:14:04.677Z

Link: CVE-2023-5970

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-05T21:15:07.667

Modified: 2024-11-21T08:42:53.403

Link: CVE-2023-5970

cve-icon Redhat

No data.