Hardcoded credentials in SonicWall Email Security Virtual Appliance

May 13, 2021 08:00 pm Cyber Security 223

This security advisory describes one medium risk vulnerability.


1) Use of hard-coded credentials


Risk: Medium


CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]


CVE-ID: CVE-2021-20025


CWE-ID: CWE-798 - Use of Hard-coded Credentials


Exploit availability: No


Description

The vulnerability allows a remote attacker to gain full access to vulnerable system.


The vulnerability exists due to presence of hard-coded credentials in application code, a default username and a password are used at initial setup. A remote unauthenticated attacker can access the Virtual Appliance using the default credentials only when the device is freshly installed and not connected to Mysonicwall.

Mitigation

Install updates from vendor's website.


Vulnerable software versions

SonicWall On-premise Email Security (ES): before 10.0.10


SonicWall Hosted Email Security (HES): before 10.0.10


CPE
External links

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0012


Q & A


Can this vulnerability be exploited remotely?


Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).


Is there known malware, which exploits this vulnerability?


No. We are not aware of malware exploiting this vulnerability.




Support the originator by clicking the read the rest link below.
hardcoded credentials sonicwall email security virtual appliance
Read The Rest from the original source
cybersecurity-help.cz

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!