CVE-2021-20042 Vulnerability Details

  /     /     /  

CVE-2021-20042 Metadata Quick Info

CVE Published: 08/12/2021 | CVE Updated: 03/08/2024 | CVE Year: 2021
Source: sonicwall | Vendor: SonicWall | Product: SonicWall SMA100
Status : PUBLISHED

---

CVE-2021-20042 Description

An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-441
CWE Name: CWE-441: Unintended Proxy or Intermediary ( Confused Deputy )
Source: SonicWall

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).