CVE-2021-20021

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Apr 9, 2021

Updated: Apr 14, 2021

CWE ID 269

Summary

CVE-2021-20021 is a newly discovered vulnerability affecting SonicWall Email Security versions 10.0.9.x. An attacker can exploit this issue by sending a specially crafted HTTP request to the remote host, resulting in the creation of a new administrative account without proper authorization. This vulnerability poses a significant risk, as unauthorized administrative access can lead to extensive data breaches and system compromise. SonicWall urges users to apply the available patch as soon as possible to mitigate this threat. In summary, CVE-2021-20021 is a newly identified security vulnerability in SonicWall Email Security. An attacker can exploit this issue by sending a maliciously crafted HTTP request to the remote host, resulting in the creation of a new administrative account. This vulnerability represents a serious threat, as unauthorized administrative access can lead to data breaches and system compromise. SonicWall strongly recommends users apply the available patch promptly to protect against this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

SonicWall Email Security

Affected Vendors

SonicWall Inc.

Advisories, Assessments, and Mitigations

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2021-20021 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future

Gain complete coverage of your cyber, third party, and physical attack surface
Proactively mitigate threats before they turn into costly attacks
Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database