github - ghsa-7jhp-ff4f-8fx7

GHSA-7JHP-FF4F-8FX7

Vulnerability from github – Published: 2021-12-09 00:01 – Updated: 2023-06-26 21:30

Details

An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-20042"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-441",
      "CWE-610"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-08T10:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.",
  "id": "GHSA-7jhp-ff4f-8fx7",
  "modified": "2023-06-26T21:30:53Z",
  "published": "2021-12-09T00:01:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20042"
    },
    {
      "type": "WEB",
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2021-20042 (GCVE-0-2021-20042)

Vulnerability from cvelistv5 – Published: 2021-12-08 09:55 – Updated: 2024-08-03 17:30

Summary

Severity ?

No CVSS data available.

CWE

CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')

Assigner

sonicwall

References

URL

Tags

https://psirt.global.sonicwall.com/vuln-detail/SN…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	SonicWall	SonicWall SMA100	Affected: 9.0.0.11-31sv and earlier Affected: 10.2.0.8-37sv and earlier Affected: 10.2.1.1-19sv and earlier Affected: 10.2.1.2-24sv and earlier

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:30:07.516Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SonicWall SMA100",
          "vendor": "SonicWall",
          "versions": [
            {
              "status": "affected",
              "version": "9.0.0.11-31sv and earlier"
            },
            {
              "status": "affected",
              "version": "10.2.0.8-37sv and earlier"
            },
            {
              "status": "affected",
              "version": "10.2.1.1-19sv and earlier"
            },
            {
              "status": "affected",
              "version": "10.2.1.2-24sv and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-441",
              "description": "CWE-441: Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-08T09:55:25",
        "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
        "shortName": "sonicwall"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT@sonicwall.com",
          "ID": "CVE-2021-20042",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SonicWall SMA100",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "9.0.0.11-31sv and earlier"
                          },
                          {
                            "version_value": "10.2.0.8-37sv and earlier"
                          },
                          {
                            "version_value": "10.2.1.1-19sv and earlier"
                          },
                          {
                            "version_value": "10.2.1.2-24sv and earlier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SonicWall"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-441: Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
    "assignerShortName": "sonicwall",
    "cveId": "CVE-2021-20042",
    "datePublished": "2021-12-08T09:55:25",
    "dateReserved": "2020-12-17T00:00:00",
    "dateUpdated": "2024-08-03T17:30:07.516Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-7JHP-FF4F-8FX7

CVE-2021-20042 (GCVE-0-2021-20042)

Tags

Sightings

Nomenclature