CVE-2021-20022

HighKnown ExploitedRansomware

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to…

sonicwall·CWE-434·Published 2021-04-09

CVSS

7.2

EPSS

0.17

KEV

Yes

Exploits

cve.orgen

156 chars

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.

NVDen

156 chars

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host.

SonicWall Email Security versión 10.0.9.x, contiene una vulnerabilidad que permite a un atacante autenticado posteriormente cargar un archivo arbitrario en el host remoto

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	cve.org	7.2	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	7.2	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	NVD	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H