Vulnerability Description
An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sonicwall | Sma 100 Firmware | < 10.0.0.0 |
| Sonicwall | Sma100 | - |
| Sonicwall | Sma 200 Firmware | < 10.0.0.0 |
| Sonicwall | Sma200 | - |
| Sonicwall | Sma 210 Firmware | < 10.0.0.0 |
| Sonicwall | Sma210 | - |
| Sonicwall | Sma 400 Firmware | < 10.0.0.0 |
| Sonicwall | Sma400 | - |
| Sonicwall | Sma 410 Firmware | < 10.0.0.0 |
| Sonicwall | Sma410 | - |
| Sonicwall | Sma 500V Firmware | < 10.0.0.0 |
| Sonicwall | Sma500V | - |
Related Weaknesses (CWE)
References
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0031Vendor Advisory
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0031Vendor Advisory
FAQ
What is CVE-2021-20050?
CVE-2021-20050 is a vulnerability with a CVSS score of 7.5 (HIGH). An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.
How severe is CVE-2021-20050?
CVE-2021-20050 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-20050?
Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Sma 100 Firmware, Sonicwall Sma100, Sonicwall Sma 200 Firmware, Sonicwall Sma200, Sonicwall Sma 210 Firmware.