CVE-2024-45315

Improper Link Resolution Before File Access ('Link Following') (CWE-59)

Published: Oct 11, 2024 / Updated: 39d ago

CVSS 5.5 / EPSS 0.04% / Medium

The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service (DoS) attack.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-45315.

Oct 10, 2024 at 4:34 PM / CERT.at - Tagesberichte

CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 10, 2024 at 4:42 PM

CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Oct 11, 2024 at 8:33 AM

CVE Assignment

NVD published the first details for CVE-2024-45315

Oct 11, 2024 at 1:15 PM

EPSS

EPSS Score was set to: 0.04% (Percentile: 9.7%)

Oct 12, 2024 at 10:54 AM

Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (209662)

Oct 25, 2024 at 7:15 PM

CVSS

A CVSS base score of 5.5 has been assigned.

Nov 1, 2024 at 4:40 PM / nvd

Affected Systems

Sonicwall

Links to MITRE ATT&CK

T1547.009: Shortcut Modification

Attack Patterns

CAPEC-132: Symlink Attack

News

SonicWall Connect Tunnel Multiple Vulnerabilities (SNWLID-2024-0017)
- The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service (DoS) attack.
- The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.
Multiple Vulnerabilities in SonicWall
Development. Last Updated: 10/17/2024. CVEs: CVE-2024-45315, CVE-2024-45316
Vulnerability in Sonicwall SMA1000 series allows privilege escalation | heise online
In the connect tunnel client of the SMA1000 appliances, another "link following" vulnerability allows users with standard rights to create arbitrary files and folders and thus trigger a denial of service (CVE-2024-45315, CVSS 6.1, medium). Sonicwall warns of security vulnerabilities in SSL VPN appliances of the SMA1000 series and the Connect Tunnel Client for Windows.
SonicWall Family October 2024 1st Security Update Advisory
For more information on Vulnerability Patches, Please refer to the “FIXED SOFTWARE” section of the product-specific Referenced Sites document. The following product-specific Vulnerability Patches were made available with the October 10, 2024 update.
CVE-2024-45315
Medium Severity. Description: The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service (DoS) attack. Read more at https://www.tenable.com/cve/CVE-2024-45315

CVSS V3.1

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability Impact: High
