CVE-2002-1623 and GVC

Enzino78 · November 2023

Hello Community,

for sure you faced off vulnerability assessment agaist SonicWall firewall and in some cases you were notified a finding on IKEv1 Aggressive mode related to Global VPN Client as it is described in the CVE-2002-1623.

Have you forced to disable this option (and if yes, how) or simply add an exception since it is a service disabled/not used?

Thanks for your feedback.

TKWITS · November 2023

You can disable GVPN by marking 'WAN GroupVPN' in IPSec VPN \ Rules and Settings as disabled.

paolomelchiori · August 30

Another important info may be find here:

https://www.sonicwall.com/support/knowledge-base/pci-compliance-scan-certificate-errors/170505611400120

Chojin · September 9

https://community.sonicwall.com/technology-and-support/discussion/comment/19836#Comment_19836

and what to do if you are using GroupWAN VPN as Dialin Method?

TKWITS · September 9

https://community.sonicwall.com/technology-and-support/discussion/comment/22041#Comment_22041

Youll have to convince your compliance officer to add an exception for it.

Join the Conversation

CVE-2002-1623 and GVC

Answers