CVE-2021-20019
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
Una vulnerabilidad en SonicOS donde la respuesta del servidor HTTP filtra parte de la memoria mediante el envío de una petición HTTP diseñada, esto puede conllevar potencialmente a una vulnerabilidad de divulgación de datos confidenciales internos
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-12-17 CVE Reserved
- 2021-06-23 CVE Published
- 2024-05-01 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006 | 2022-08-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sonicwall Search vendor "Sonicwall" | Sonicos Search vendor "Sonicwall" for product "Sonicos" | >= 7.0.0 < 7.0.0.376 Search vendor "Sonicwall" for product "Sonicos" and version " >= 7.0.0 < 7.0.0.376" | - |
Affected
| ||||||
| Sonicwall Search vendor "Sonicwall" | Sonicos Search vendor "Sonicwall" for product "Sonicos" | >= 7.0.1 < 7.0.1-r1036 Search vendor "Sonicwall" for product "Sonicos" and version " >= 7.0.1 < 7.0.1-r1036" | - |
Affected
| ||||||
| Sonicwall Search vendor "Sonicwall" | Sonicos Search vendor "Sonicwall" for product "Sonicos" | 6.0.5.3-94o Search vendor "Sonicwall" for product "Sonicos" and version "6.0.5.3-94o" | - |
Affected
| ||||||
| Sonicwall Search vendor "Sonicwall" | Sonicos Search vendor "Sonicwall" for product "Sonicos" | 6.5.1.12-3n Search vendor "Sonicwall" for product "Sonicos" and version "6.5.1.12-3n" | - |
Affected
| ||||||
| Sonicwall Search vendor "Sonicwall" | Sonicos Search vendor "Sonicwall" for product "Sonicos" | 6.5.4.7-83n Search vendor "Sonicwall" for product "Sonicos" and version "6.5.4.7-83n" | - |
Affected
| ||||||
| Sonicwall Search vendor "Sonicwall" | Sonicosv Search vendor "Sonicwall" for product "Sonicosv" | 6.5.4.4-44v-21-955 Search vendor "Sonicwall" for product "Sonicosv" and version "6.5.4.4-44v-21-955" | - |
Affected
| ||||||