CVE-2021-20041
N/A
N/A
Summary
An unauthenticated and remote adversary can consume all of the device's CPU due to crafted HTTP requests sent to SMA100 /fileshare/sonicfiles/sonicfiles resulting in a loop with unreachable exit condition. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SonicWall | SonicWall SMA100 | 9.0.0.11-31sv and earlier | affected |
| SonicWall | SonicWall SMA100 | 10.2.0.8-37sv and earlier | affected |
| SonicWall | SonicWall SMA100 | 10.2.1.1-19sv and earlier | affected |
| SonicWall | SonicWall SMA100 | 10.2.1.2-24sv and earlier | affected |
Weaknesses
- CWE-835: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.