A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability impacts 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions.
References
Link | Resource |
---|---|
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0030 | Vendor Advisory |
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0030 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
21 Nov 2024, 05:45
Type | Values Removed | Values Added |
---|---|---|
References | () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0030 - Vendor Advisory |
Information
Published : 2021-12-23 02:15
Updated : 2024-11-21 05:45
NVD link : CVE-2021-20049
Mitre link : CVE-2021-20049
CVE.ORG link : CVE-2021-20049
JSON object : View
Products Affected
sonicwall
- sma_100_firmware
- sma_400_firmware
- sma410
- sma_200_firmware
- sma_500v_firmware
- sma500v
- sma_410_firmware
- sma400
- sma210
- sma100
- sma200
- sma_210_firmware