CVE-2021-20019

Summary

A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.

Affected Software

VendorProductVersion RangeStatus
SonicWallSonicOSSonicOS - 6.5.4.7-83naffected
SonicWallSonicOSSonicOSv - 6.5.4.4-44v-21-955affected
SonicWallSonicOSSonicOS - 6.5.1.12-3naffected
SonicWallSonicOSSonicOS - 6.0.5.3-94oaffected
SonicWallSonicOSSonicOS - 7.0.0-R713 and earlieraffected
SonicWallSonicOSSonicOS - 7.0.1-R1036 and earlieraffected
SonicWallSonicOSSonicOS - 7.0.0.375 and earlieraffected

Weaknesses

  • CWE-200: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

References