Home

Description

A potential exposure of sensitive information in log files in SonicWall SMA100 Series appliances may allow a remote, authenticated administrator, under certain conditions to view partial users credential data.

PUBLISHED Reserved 2025-04-16 | Published 2025-10-31 | Updated 2025-10-31 | Assigner sonicwall

Problem types

CWE-532 Insertion of Sensitive Information into Log File

Product status

Default status
unknown

10.2.2.2-92sv and earlier versions
affected

Credits

Niels Schuler of Data-Sec GmbH finder

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0017 vendor-advisory

cve.org (CVE-2025-40603)

nvd.nist.gov (CVE-2025-40603)

Download JSON