CERTFR-2021-AVI-480
Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans SonicWall SonicOS. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None
Impacted products
Vendor Product Description
Sonicwall SonicOS SonicOSv versions 6.5.4.4 antérieures à 6.5.4.4-44v-21-1288
Sonicwall SonicOS SonicOS versions antérieures à 7.0.0.376, 7.0.1-R579
Sonicwall SonicOS SonicOS versions 7.0.1-R1036 antérieures à 7.0.1-R1282/1283
Sonicwall SonicOS SonicOS versions 6.5.4.8 antérieures à 6.5.4.8-89n
Sonicwall SonicOS SonicOS versions 7.0.0-R713 antérieures à 7.0.0-R906, 7.0.1-R1456
Sonicwall SonicOS SonicOS versions 6.0.5.3-94o et antérieures. Un correctif sera disponible à une date ultérieure.
Sonicwall SonicOS SonicOS versions 6.5.1.12-3n et antérieures. Un correctif sera disponible à une date ultérieure.
References

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SonicOSv versions 6.5.4.4 ant\u00e9rieures \u00e0 6.5.4.4-44v-21-1288",
      "product": {
        "name": "SonicOS",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    },
    {
      "description": "SonicOS versions ant\u00e9rieures \u00e0 7.0.0.376, 7.0.1-R579",
      "product": {
        "name": "SonicOS",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    },
    {
      "description": "SonicOS versions 7.0.1-R1036 ant\u00e9rieures \u00e0 7.0.1-R1282/1283",
      "product": {
        "name": "SonicOS",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    },
    {
      "description": "SonicOS versions 6.5.4.8 ant\u00e9rieures \u00e0 6.5.4.8-89n",
      "product": {
        "name": "SonicOS",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    },
    {
      "description": "SonicOS versions 7.0.0-R713 ant\u00e9rieures \u00e0 7.0.0-R906, 7.0.1-R1456",
      "product": {
        "name": "SonicOS",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    },
    {
      "description": "SonicOS versions 6.0.5.3-94o et ant\u00e9rieures. Un correctif sera disponible \u00e0 une date ult\u00e9rieure.",
      "product": {
        "name": "SonicOS",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    },
    {
      "description": "SonicOS versions 6.5.1.12-3n et ant\u00e9rieures. Un correctif sera disponible \u00e0 une date ult\u00e9rieure.",
      "product": {
        "name": "SonicOS",
        "vendor": {
          "name": "Sonicwall",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-20019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20019"
    }
  ],
  "initial_release_date": "2021-06-23T00:00:00",
  "last_revision_date": "2021-06-23T00:00:00",
  "links": [
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2021-20019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20019"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SonicWall SNWLID-2021-0006 du 22 juin 2021",
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0006"
    }
  ],
  "reference": "CERTFR-2021-AVI-480",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-06-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans SonicWall SonicOS. Elle permet \u00e0\nun attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans SonicWall SonicOS",
  "vendor_advisories": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.