The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service (DoS) attack.
History

Fri, 01 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Fri, 11 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 11 Oct 2024 08:45:00 +0000

Type Values Removed Values Added
Description The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service (DoS) attack.
Weaknesses CWE-59
References

cve-icon MITRE

Status: PUBLISHED

Assigner: sonicwall

Published: 2024-10-11T08:17:13.448Z

Updated: 2024-11-01T15:59:56.980Z

Reserved: 2024-08-26T20:20:45.693Z

Link: CVE-2024-45315

cve-icon Vulnrichment

Updated: 2024-10-11T15:22:38.522Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-10-11T13:15:15.883

Modified: 2024-11-01T16:35:26.853

Link: CVE-2024-45315

cve-icon Redhat

No data.