CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-20021

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score48.8280%
EPSS Percentile86.73th
Published2021年4月9日
Last Modified2025年11月10日

Vulnerability Description

A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.

Affected Platforms (CPE)

📦
Sonicwall

Email Security

< 10.0.9.6103
💻
Sonicwall

Email Security Appliance 9000 Firmware

< 10.0.9.6105
💻
Sonicwall

Email Security Appliance 3300 Firmware

< 10.0.9.6105
💻
Sonicwall

Email Security Appliance 4300 Firmware

< 10.0.9.6105
💻
Sonicwall

Email Security Appliance 8300 Firmware

< 10.0.9.6105
💻
Sonicwall

Email Security Appliance 5000 Firmware

< 10.0.9.6105
💻
Sonicwall

Email Security Appliance 7000 Firmware

< 10.0.9.6105
💻
Sonicwall

Email Security Appliance 5050 Firmware

< 10.0.9.6105
💻
Sonicwall

Email Security Appliance 7050 Firmware

< 10.0.9.6105
📦
Sonicwall

Email Security Virtual Appliance

< 10.0.9.6105
📦
Sonicwall

Hosted Email Security

< 10.0.9.6103

References & Advisories

🔗 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0007
🔗 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0007
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-20021

相关漏洞威胁

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-2002-136110.0

overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute a...

CVE-2018-165299.8

A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after th...

CVE-2018-165309.8

A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially...