CVE-2021-20016 | Cybersecurity Alerts | Nexus IT Services, LLC

← Back to Cybersecurity Alerts

CVE-2021-20016

SonicWall | SSLVPN SMA100Added 2021-11-03Remediation Deadline 2021-11-17Active Ransomware Campaign

SonicWall SSLVPN SMA100 SQL Injection Vulnerability

SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-89

References

https://nvd.nist.gov/vuln/detail/CVE-2021-20016