Sonicwall Network Security Manager vulnerabilities
2 known vulnerabilities affecting sonicwall/network_security_manager.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-45105P1MEDIUMCVSS 5.9ExploitedPoCRansomware≥ 2.0, < 3.02021-12-18
CVE-2021-45105 [MEDIUM] CWE-20 CVE-2021-45105: Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from u
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.
nvd
CVE-2021-20026P2HIGHCVSS 8.8fixed in 2.2.0v2.2.02021-05-27
CVE-2021-20026 [HIGH] CWE-78 CVE-2021-20026: A vulnerability in the SonicWall NSM On-Prem product allows an authenticated attacker to perform OS
A vulnerability in the SonicWall NSM On-Prem product allows an authenticated attacker to perform OS command injection using a crafted HTTP request. This vulnerability affects NSM On-Prem 2.2.0-R10 and earlier versions.
nvd