CVE-2021-20050

Description

An Improper Access Control Vulnerability in the SMA100 series leads to multiple restricted management APIs being accessible without a user login, potentially exposing configuration meta-data.

Affected products

• SonicWall / SonicWall SMA10010.2.0.8-37sv and earlier – 10.2.0.8-37sv and earlier
• SonicWall / SonicWall SMA10010.2.1.2-24sv and earlier – 10.2.1.2-24sv and earlier

References

• VENDOR_ADVISORYhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0031