CVE-2021-20021

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Apr 9, 2021
Updated: Apr 14, 2021
CWE ID 269

Summary

CVE-2021-20021 is a newly discovered vulnerability affecting SonicWall Email Security versions 10.0.9.x. An attacker can exploit this issue by sending a specially crafted HTTP request to the remote host, resulting in the creation of a new administrative account without proper authorization. This vulnerability poses a significant risk, as unauthorized administrative access can lead to extensive data breaches and system compromise. SonicWall urges users to apply the available patch as soon as possible to mitigate this threat. In summary, CVE-2021-20021 is a newly identified security vulnerability in SonicWall Email Security. An attacker can exploit this issue by sending a maliciously crafted HTTP request to the remote host, resulting in the creation of a new administrative account. This vulnerability represents a serious threat, as unauthorized administrative access can lead to data breaches and system compromise. SonicWall strongly recommends users apply the available patch promptly to protect against this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • SonicWall Email Security

Affected Vendors

  • SonicWall Inc.