vulnerability

SonicWall SMA 100: CVE-2021-20043: getBookmarks Heap-based Buffer Overflow

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:P/I:P/A:P)	Dec 7, 2021	Dec 7, 2021	Dec 13, 2021

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

Dec 7, 2021

Added

Dec 7, 2021

Modified

Dec 13, 2021

Description

A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBookmarks method allows a remote authenticated attacker to potentially execute code as the nobody user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

Solution(s)

sonicwall-sma-100-upgrade-10.2.0.9-41svsonicwall-sma-100-upgrade-10.2.1.3-27sv

References

CVE-2021-20043
https://attackerkb.com/topics/CVE-2021-20043

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today