ID
VAR-202204-1933
CVE
CVE-2021-20051
TITLE
SonicWALL of global vpn client Vulnerability regarding uncontrolled search path elements in
Trust: 0.8
sources:
JVNDB: JVNDB-2022-009101
DESCRIPTION
SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a DLL Search Order Hijacking vulnerability in one of the installer components. Successful exploitation via a local attacker could result in command execution in the target system. (DoS) It may be in a state
Trust: 1.8
sources:
NVD: CVE-2021-20051 //
JVNDB: JVNDB-2022-009101 //
VULHUB: VHN-377670 //
VULMON: CVE-2021-20051
AFFECTED PRODUCTS
| vendor: | sonicwall | model: | global vpn client | scope: | lte | version: | 4.10.7.1117 | Trust: 1.0 |
| vendor: | sonicwall | model: | global vpn client | scope: | - | version: | - | Trust: 0.8 |
| vendor: | sonicwall | model: | global vpn client | scope: | lte | version: | 4.10.7.1117 and earlier | Trust: 0.8 |
| vendor: | sonicwall | model: | global vpn client | scope: | eq | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-009101 //
NVD: CVE-2021-20051
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-377670 //
VULMON: CVE-2021-20051 //
JVNDB: JVNDB-2022-009101 //
CNNVD: CNNVD-202204-4545 //
NVD: CVE-2021-20051
PROBLEMTYPE DATA
| problemtype: | CWE-427 | Trust: 1.1 |
| problemtype: | Uncontrolled search path elements (CWE-427) [NVD evaluation ] | Trust: 0.8 |
sources:
VULHUB: VHN-377670 //
JVNDB: JVNDB-2022-009101 //
NVD: CVE-2021-20051
THREAT TYPE
local
Trust: 0.6
sources:
CNNVD: CNNVD-202204-4545
TYPE
code problem
Trust: 0.6
sources:
CNNVD: CNNVD-202204-4545
PATCH
| title: | SonicWall Global VPN Client Fixes for code issue vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192608 | Trust: 0.6 |
sources:
CNNVD: CNNVD-202204-4545
EXTERNAL IDS
| db: | NVD | id: | CVE-2021-20051 | Trust: 3.4 |
| db: | JVNDB | id: | JVNDB-2022-009101 | Trust: 0.8 |
| db: | CS-HELP | id: | SB2022042801 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202204-4545 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-377670 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2021-20051 | Trust: 0.1 |
sources:
VULHUB: VHN-377670 //
VULMON: CVE-2021-20051 //
JVNDB: JVNDB-2022-009101 //
CNNVD: CNNVD-202204-4545 //
NVD: CVE-2021-20051
REFERENCES
| url: | https://psirt.global.sonicwall.com/vuln-detail/snwlid-2021-0036 | Trust: 2.6 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2021-20051 | Trust: 0.8 |
| url: | https://cxsecurity.com/cveshow/cve-2021-20051/ | Trust: 0.6 |
| url: | https://www.cybersecurity-help.cz/vdb/sb2022042801 | Trust: 0.6 |
| url: | https://cwe.mitre.org/data/definitions/427.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULHUB: VHN-377670 //
VULMON: CVE-2021-20051 //
JVNDB: JVNDB-2022-009101 //
CNNVD: CNNVD-202204-4545 //
NVD: CVE-2021-20051
SOURCES
| db: | VULHUB | id: | VHN-377670 |
| db: | VULMON | id: | CVE-2021-20051 |
| db: | JVNDB | id: | JVNDB-2022-009101 |
| db: | CNNVD | id: | CNNVD-202204-4545 |
| db: | NVD | id: | CVE-2021-20051 |
LAST UPDATE DATE
2024-08-14T15:01:03.789000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-377670 | date: | 2022-05-12T00:00:00 |
| db: | VULMON | id: | CVE-2021-20051 | date: | 2022-05-12T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-009101 | date: | 2023-08-02T08:23:00 |
| db: | CNNVD | id: | CNNVD-202204-4545 | date: | 2022-05-13T00:00:00 |
| db: | NVD | id: | CVE-2021-20051 | date: | 2022-05-12T16:12:45.750 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-377670 | date: | 2022-05-04T00:00:00 |
| db: | VULMON | id: | CVE-2021-20051 | date: | 2022-05-04T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-009101 | date: | 2023-08-02T00:00:00 |
| db: | CNNVD | id: | CNNVD-202204-4545 | date: | 2022-04-28T00:00:00 |
| db: | NVD | id: | CVE-2021-20051 | date: | 2022-05-04T16:15:07.997 |