VDB

CVE-2021-20042

CVE-2021-20042 PUBLISHED CVSS 7.5 HIGH

An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

EPSS 0.56% · 68.7th percentile

Risk Scores

CVSS 2.0
7.5
EPSS Score
0.56%
68.7th percentile

Affected Products

VendorProductVersions
sonicwallsma_500v_firmware10.2.0.8-37sv, 10.2.1.1-19sv, 9.0.0.11-31sv
SonicWallSonicWall SMA1009.0.0.11-31sv and earlier, 10.2.1.2-24sv and earlier, *
sonicwallsma_410_firmware10.2.0.8-37sv, 10.2.1.1-19sv, 9.0.0.11-31sv
sonicwallsma_400_firmware10.2.0.8-37sv, 10.2.1.1-19sv, 9.0.0.11-31sv
sonicwallsma_210_firmware9.0.0.11-31sv, 10.2.0.8-37sv, 10.2.1.1-19sv
sonicwallsma_200_firmware10.2.1.1-19sv, 10.2.0.8-37sv, 9.0.0.11-31sv

Timeline

  • Dec 7, 2021 CVE Published
  • Dec 9, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 2, 2022 EPSS Score
  • Mar 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 22, 2022 EPSS Score
  • Jul 16, 2022 EPSS Score
  • Sep 9, 2022 EPSS Score
  • Dec 27, 2022 EPSS Score
  • Feb 19, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›