Vulnerability Details CVE-2021-20042
An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2021-20042
-
cpe:2.3:h:sonicwall:sma_200:-
-
cpe:2.3:h:sonicwall:sma_210:-
-
cpe:2.3:h:sonicwall:sma_400:-
-
cpe:2.3:h:sonicwall:sma_410:-
-
cpe:2.3:h:sonicwall:sma_500v:-
-
cpe:2.3:o:sonicwall:sma_200_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_200_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_200_firmware:9.0.0.11-31sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:9.0.0.11-31sv
-
cpe:2.3:o:sonicwall:sma_400_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_400_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_400_firmware:9.0.0.11-31sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:9.0.0.11-31sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:9.0.0.11-31sv