CVE-2021-20021CISA KEV: Actively Exploited

SonicWall Email Security Improper Privilege Management Vulnerability

Published Nov 3, 2021·Updated Nov 3, 2021

Description

SonicWall Email Security contains an improper privilege management vulnerability that allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20022 and CVE-2021-20023 to achieve privilege escalation.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free