Sonicwall Capture Client vulnerabilities
3 known vulnerabilities affecting sonicwall/capture_client.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-3450P3HIGHCVSS 7.4fixed in 3.6.242021-03-25
CVE-2021-3450 [HIGH] CWE-295 CVE-2021-3450: The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation
nvd
CVE-2021-3449P3MEDIUMCVSS 5.9v3.52021-03-25
CVE-2021-3449 [MEDIUM] CWE-476 CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a cr
nvd
CVE-2023-6340P4MEDIUMCVSS 5.5≤ 3.7.10v3.7.10 and earlier versions2024-01-18
CVE-2023-6340 [MEDIUM] CWE-121 CVE-2023-6340: SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions ar
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.
nvd