VYPR
Unrated severityNVD Advisory· Published May 13, 2021· Updated Aug 3, 2024

CVE-2021-20025

CVE-2021-20025

Description

SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appliance remotely only when the device is freshly installed and not connected to Mysonicwall.

Affected products

2
  • SonicWall/Email Securityllm-fuzzy2 versions
    <=10.0.9+ 1 more
    • (no CPE)range: <=10.0.9
    • (no CPE)range: 10.0.9 and earlier

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.