CVE-2024-45317
HIGHSonicWall SMA1000 <= 12.4.3-02676 - Unauthenticated Server-Side Request Forgery
Title source: llmDescription
A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3-02676 and earlier allows a remote, unauthenticated attacker to cause the SMA1000 server-side application to make requests to an unintended IP address.
References (1)
Core 1
Core References
Various Sources vendor-advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017
Scores
CVSS v3
7.5
EPSS
0.0018
EPSS Percentile
39.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-918
Status
published
Products (1)
SonicWall/SMA1000
12.4.3-02676 and earlier versions
Published
Oct 11, 2024
Tracked Since
Feb 18, 2026