CVE-2021-20021

CriticalKnown ExploitedRansomware

A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a…

sonicwall·CWE-269·Published 2021-04-09

CVSS

9.8

EPSS

0.83

KEV

Yes

Exploits

cve.orgen

173 chars

A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.

NVDen

173 chars

A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host.

Una vulnerabilidad en SonicWall Email Security versión 10.0.9.x, permite a un atacante crear una cuenta administrativa mediante el envío de una petición HTTP diseñada en el host remoto

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H