CVE-2021-20042 : An unauthenticated remote attacker can use SMA 100 as an unintended proxy or int

An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

Published 2021-12-08 10:15:08

Updated 2023-06-26 19:15:04

Source SonicWALL, Inc.

View at NVD, CVE.org

Products affected by CVE-2021-20042

Sonicwall » Sma 200 Firmware » Version: 10.2.0.8-37sv
cpe:2.3:o:sonicwall:sma_200_firmware:10.2.0.8-37sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 200 » Version: N/A
Sonicwall » Sma 200 Firmware » Version: 10.2.1.1-19sv
cpe:2.3:o:sonicwall:sma_200_firmware:10.2.1.1-19sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 200 » Version: N/A
Sonicwall » Sma 200 Firmware » Version: 9.0.0.11-31sv
cpe:2.3:o:sonicwall:sma_200_firmware:9.0.0.11-31sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 200 » Version: N/A
Sonicwall » Sma 210 Firmware » Version: 10.2.0.8-37sv
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.0.8-37sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 210 » Version: N/A
Sonicwall » Sma 210 Firmware » Version: 10.2.1.1-19sv
cpe:2.3:o:sonicwall:sma_210_firmware:10.2.1.1-19sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 210 » Version: N/A
Sonicwall » Sma 210 Firmware » Version: 9.0.0.11-31sv
cpe:2.3:o:sonicwall:sma_210_firmware:9.0.0.11-31sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 210 » Version: N/A
Sonicwall » Sma 400 Firmware » Version: 10.2.0.8-37sv
cpe:2.3:o:sonicwall:sma_400_firmware:10.2.0.8-37sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 400 » Version: N/A
Sonicwall » Sma 400 Firmware » Version: 10.2.1.1-19sv
cpe:2.3:o:sonicwall:sma_400_firmware:10.2.1.1-19sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 400 » Version: N/A
Sonicwall » Sma 400 Firmware » Version: 9.0.0.11-31sv
cpe:2.3:o:sonicwall:sma_400_firmware:9.0.0.11-31sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 400 » Version: N/A
Sonicwall » Sma 410 Firmware » Version: 10.2.0.8-37sv
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.0.8-37sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 410 » Version: N/A
Sonicwall » Sma 410 Firmware » Version: 10.2.1.1-19sv
cpe:2.3:o:sonicwall:sma_410_firmware:10.2.1.1-19sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 410 » Version: N/A
Sonicwall » Sma 410 Firmware » Version: 9.0.0.11-31sv
cpe:2.3:o:sonicwall:sma_410_firmware:9.0.0.11-31sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 410 » Version: N/A
Sonicwall » Sma 500v Firmware » Version: 10.2.0.8-37sv
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.0.8-37sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 500v » Version: N/A
Sonicwall » Sma 500v Firmware » Version: 10.2.1.1-19sv
cpe:2.3:o:sonicwall:sma_500v_firmware:10.2.1.1-19sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 500v » Version: N/A
Sonicwall » Sma 500v Firmware » Version: 9.0.0.11-31sv
cpe:2.3:o:sonicwall:sma_500v_firmware:9.0.0.11-31sv:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Sma 500v » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-20042

EPSS FAQ

0.81%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 73 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-20042

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-20042

CWE-441 Unintended Proxy or Intermediary ('Confused Deputy')

The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the product's control sphere. This causes the product to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor.

Assigned by: PSIRT@sonicwall.com (Secondary)
CWE-610 Externally Controlled Reference to a Resource in Another Sphere

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-20042

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026

Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-20042

Products affected by CVE-2021-20042

Exploit prediction scoring system (EPSS) score for CVE-2021-20042

CVSS scores for CVE-2021-20042

CWE ids for CVE-2021-20042

References for CVE-2021-20042