CVE-2001-0376
Last modified
CVE-2001-0376 is a vulnerability of currently unknown severity. SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.. EPSS estimates a 1.35% chance of exploitation in the next 30 days.
Description
SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sonicwall | Soho2 | 6.0.0 |
| Sonicwall | Tele2 | 6.0.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2001-0376?
How severe is CVE-2001-0376?
How do I fix CVE-2001-0376?
Are you affected by CVE-2001-0376?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST