CVE-2020-5142
published 2020-10-12CVE-2020-5142: A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and…
PriorityP427medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
1.06%
60.4th percentile
A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samba | samba | >= 0 < 2:4.13.14+dfsg-0ubuntu0.20.04.4 | 2:4.13.14+dfsg-0ubuntu0.20.04.4 |
| samba | samba | >= 0 < 2:4.13.14+dfsg-0ubuntu0.20.04.3 | 2:4.13.14+dfsg-0ubuntu0.20.04.3 |
| sonicwall | sonicos | <= 5.9.1.13 | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | — | — |
| sonicwall | sonicos | 6.0.0.0 – 6.0.5.3 | — |
| sonicwall | sonicos | 6.5.0.0 – 6.5.1.11 | — |
| sonicwall | sonicos | 6.5.4.0 – 6.5.4.7 | — |
| sonicwall | sonicosv | <= 6.5.4.4 | — |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv5.9MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mm23-cj9m-mh27: A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface
ghsa_unreviewed·2022-05-24
CVE-2020-5142 [MEDIUM] CWE-79 GHSA-mm23-cj9m-mh27: A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface
A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
OSV
samba regression
osv·2021-12-13·CVSS 5.9
samba regression
samba regression
USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes
introduced a regression in Kerberos authentication in certain environments.
Please see the following upstream bug for more information:
https://bugzilla.samba.org/show_bug.cgi?id=14922
This update fixes the problem.
Original advisory details:
Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client
connections. A remote attacker could possibly use this issue to downgrade
connections to plaintext authentication. (CVE-2016-2124)
Andrew Bartlett discovered that Samba incorrectly mapping domain users to
local users. An authenticated attacker could possibly use this issue to
become root on domain members. (CVE-2020-25717)
Andrew Bartlett discovered that Samba did not correctly sandbox
OSV
samba regressions
osv·2021-12-06·CVSS 5.9
samba regressions
samba regressions
USN-5142-1 fixed vulnerabilities in Samba. Some of the upstream changes
introduced regressions in name mapping and backups.
Please see the following upstream bugs for more information:
https://bugzilla.samba.org/show_bug.cgi?id=14901
https://bugzilla.samba.org/show_bug.cgi?id=14918
This update fixes the problem.
Original advisory details:
Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client
connections. A remote attacker could possibly use this issue to downgrade
connections to plaintext authentication. (CVE-2016-2124)
Andrew Bartlett discovered that Samba incorrectly mapping domain users to
local users. An authenticated attacker could possibly use this issue to
become root on domain members. (CVE-2020-25717)
Andrew Bartlett discovered that Samba
No detection rules found.
No public exploits indexed.
2020-10-12
Published