Vulnerability Description
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sonicwall | Sonicos | >= 7.0.0, < 7.0.0.376 |
| Sonicwall | Sonicosv | 6.5.4.4-44v-21-955 |
Related Weaknesses (CWE)
References
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006Vendor Advisory
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006Vendor Advisory
FAQ
What is CVE-2021-20019?
CVE-2021-20019 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
How severe is CVE-2021-20019?
CVE-2021-20019 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-20019?
Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Sonicos, Sonicwall Sonicosv.