Vulnerability Details : CVE-2019-7488
Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier.
Products affected by CVE-2019-7488
- cpe:2.3:a:sonicwall:email_security_appliance:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-7488
0.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 60 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-7488
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2019-7488
-
Assigned by: PSIRT@sonicwall.com (Secondary)
-
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-7488
-
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0014
Security AdvisoryVendor Advisory
Jump to