Lucene search

PRIOn knowledge basePRION:CVE-2021-20019

HistoryJun 23, 2021 - 10:15 p.m.

Spoofing

2021-06-2322:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

72.6%

JSON

A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.

CPENameOperatorVersion
sonicosge7.0.1
sonicoslt7.0.1
sonicosge7.0.0
sonicoslt7.0.0.376
sonicoseq6.0.5394111
sonicoseq6.5.1123110
sonicoseq6.5.4783110
sonicosveq6.5.4444-v21955

Name	Operator	Version
sonicos	ge	7.0.1
sonicos	lt	7.0.1
sonicos	ge	7.0.0
sonicos	lt	7.0.0.376
sonicos	eq	6.0.5394111
sonicos	eq	6.5.1123110
sonicos	eq	6.5.4783110
sonicosv	eq	6.5.4444-v21955

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

72.6%

JSON

Related for PRION:CVE-2021-20019