CVE-2021-20049
N/A
N/A
Summary
A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability impacts 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SonicWall | SonicWall SMA100 | 10.2.0.8-37sv and earlier | affected |
| SonicWall | SonicWall SMA100 | 10.2.1.2-24sv and earlier | affected |
Weaknesses
- CWE-204: CWE-204: Observable Response Discrepancy
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.