- Description
- A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database.
- Source
- PSIRT@sonicwall.com
- NVD status
- Analyzed
- Products
- email_security
CVSS 3.1
- Type
- Secondary
- Base score
- 3.8
- Impact score
- 2.5
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
- Severity
- LOW
- PSIRT@sonicwall.com
- CWE-20
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD63C704-413C-43B7-9475-A19411E3BF6B",
"versionEndExcluding": "10.0.35.8405",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sonicwall:esa5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91ED89A0-CFFB-44D3-8DE8-64E8DB635872",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:esa5050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69CD3296-0424-46C7-82F1-3BE7892B72C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:esa7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE6D8AA-F614-404A-9006-A94763AA23B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:esa7050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F748C59C-740B-4F52-9E0D-70F7D4E9AA07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sonicwall:esa9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D46ECFF-FA41-4861-A047-1EEFD89D13DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
]