Vulnerability Details CVE-2021-20043
A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBookmarks method allows a remote authenticated attacker to potentially execute code as the nobody user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2021-20043
-
cpe:2.3:h:sonicwall:sma_200:-
-
cpe:2.3:h:sonicwall:sma_210:-
-
cpe:2.3:h:sonicwall:sma_400:-
-
cpe:2.3:h:sonicwall:sma_410:-
-
cpe:2.3:h:sonicwall:sma_500v:-
-
cpe:2.3:o:sonicwall:sma_200_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_200_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_400_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_400_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.1-19sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.0.8-37sv
-
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.1-19sv