CVE-2001-0376

Опубликовано: 18 июн. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-03/0403.html
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6304
http://archives.neohapsis.com/archives/bugtraq/2001-03/0403.html
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6304

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:sonicwall:soho2:6.0.0:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tele2:6.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00428

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wvm2-gmh5-gjgx

github

больше 3 лет назад