An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.
References
Link | Resource |
---|---|
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0031 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
21 Oct 2022, 20:03
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
04 Jan 2022, 20:50
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0031 - Vendor Advisory | |
CPE | cpe:2.3:o:sonicwall:sma_400_firmware:10.2.0.8-37sv:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_410_firmware:10.2.0.8-37sv:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma200:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_210_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_400_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma410:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma500v:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_100_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_500v_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.2-24sv:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_200_firmware:10.2.1.2-24sv:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.0.8-37sv:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_100_firmware:10.2.1.2-24sv:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma400:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_200_firmware:10.2.0.8-37sv:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.2-24sv:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_400_firmware:10.2.1.2-24sv:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_410_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_100_firmware:10.2.0.8-37sv:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma210:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma100:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.2-24sv:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_210_firmware:10.2.0.8-37sv:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-668 | |
First Time |
Sonicwall sma 400 Firmware
Sonicwall sma100 Sonicwall sma 410 Firmware Sonicwall sma 210 Firmware Sonicwall Sonicwall sma 100 Firmware Sonicwall sma500v Sonicwall sma 500v Firmware Sonicwall sma410 Sonicwall sma200 Sonicwall sma 200 Firmware Sonicwall sma400 Sonicwall sma210 |
23 Dec 2021, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-23 02:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-20050
Mitre link : CVE-2021-20050
CVE.ORG link : CVE-2021-20050
JSON object : View
Products Affected
sonicwall
- sma500v
- sma410
- sma100
- sma_500v_firmware
- sma200
- sma210
- sma_210_firmware
- sma_100_firmware
- sma_400_firmware
- sma_410_firmware
- sma_200_firmware
- sma400
CWE