CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
90.6%
SonicOS, SonicOSv
Severity:
Severity level: High
Impact: Denial of service and potential arbitrary code execution in SonicOS
Access Vector: Remote
CVSS v3.0
Base Score: 9,4
Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H)
CVE-2020-5135
Vulnerability description:
The vulnerability, which is associated with buffer overflow in SonicOS, allows a remote attacker to cause a denial of service (DoS) and potentially execute arbitrary code.
Advisory status:
26.06.2020 - Vendor notification date
12.10.2020 - Security advisory publication date (<https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0010>)
Credits:
The vulnerability was discovered by Nikita Abramov, Positive Research Center (Positive Technologies Company)
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
90.6%