File Path Manipulation Vulnerability in SonicWall GMS
CVE-2021-20030

7.5HIGH

Key Information:

Vendor: Sonicwall
Status: Sonicwall Gms
Vendor: CVE Published:; 13 October 2022

Summary

SonicWall GMS possesses a vulnerability that allows an unauthenticated attacker to manipulate file paths, potentially granting unauthorized access to sensitive web directories. This access may lead to exposure of application's binaries and configuration files, significantly compromising the security of the system. Organizations using SonicWall GMS should be aware of this vulnerability and implement appropriate security measures to mitigate the associated risks.

Affected Version(s)

SonicWall GMS prior GMS 9.3.2

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 13, 2022
Vulnerability Reserved
Dec 17, 2020