SQL Injection Vulnerability in SonicWall SSLVPN SMA100 Product
CVE-2021-20016

9.8CRITICAL

Key Information:

Vendor: Sonicwall
Status: Sonicwall Sma100
Vendor: CVE Published:; 4 February 2021

Badges

💰 Ransomware👾 Exploit Exists🟣 EPSS 80%🦅 CISA Reported

What is CVE-2021-20016?

The SonicWall SSLVPN SMA100 product is susceptible to a SQL injection flaw that enables remote unauthenticated attackers to execute arbitrary SQL queries. This exploitation can lead to the unauthorized retrieval of sensitive information, including usernames, passwords, and session-related data. Specifically, it affects SMA100 build version 10.x, posing significant risks to user data and overall system security.

CISA has reported CVE-2021-20016

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2021-20016 as being exploited and is known by the CISA as enabling ransomware campaigns.

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

SonicWall SMA100 SMA100 build version 10.x

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

x_refsource_CONFIRM

EPSS Score

80% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

💰
Used in Ransomware
Nov 3, 2021
👾
Exploit known to exist
Nov 3, 2021
🦅
CISA Reported
Nov 3, 2021
Vulnerability published
Feb 4, 2021
Vulnerability Reserved
Dec 17, 2020

Sonicwall

Badges

What is CVE-2021-20016?

CISA has reported CVE-2021-20016

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline