Host Header Redirection Vulnerability in SonicWall SonicOS
CVE-2021-20031

6.1MEDIUM

Key Information:

Vendor: Sonicwall
Status: Sonicos
Vendor: CVE Published:; 12 October 2021

What is CVE-2021-20031?

A Host Header Redirection vulnerability in SonicWall SonicOS has the potential to allow a remote attacker to manipulate firewall management users by redirecting them to untrusted and arbitrary web domains. This threat can lead to phishing attacks or other malicious activities, significantly compromising the security of affected systems. It is crucial for users of SonicOS to apply necessary patches and take precautions against such vulnerabilities to safeguard their network infrastructure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SonicOS 7.0.1-R1262 and earlier

SonicOS 7.0.1-R1283 and earlier

SonicOS 7.0.1-R579 and earlier

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

x_refsource_CONFIRM

http://packetstormsecurity.com/files/164502/Sonicwall-Son...

x_refsource_MISC

EPSS Score

36% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 12, 2021
Vulnerability Reserved
Dec 17, 2020

JSON

Sonicwall