Unrated severityNVD Advisory· Published May 13, 2021· Updated Aug 3, 2024
CVE-2021-20025
CVE-2021-20025
Description
SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default username and a password that is used at initial setup. An attacker could exploit this transitional/temporary user account from the trusted domain to access the Virtual Appliance remotely only when the device is freshly installed and not connected to Mysonicwall.
Affected products
2<=10.0.9+ 1 more
- (no CPE)range: <=10.0.9
- (no CPE)range: 10.0.9 and earlier
Patches
Vulnerability mechanics
References
1- psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0012mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.