CVE-2021-20032

2021-08-1023:05:11

CWE-16

sonicwall

www.cve.org

sonicwall

analytics

on-prem

jdwp

vulnerability

remote code execution

AI Score

9.9

Confidence

High

EPSS

0.005

Percentile

77.5%

JSON

SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Execution. This vulnerability impacts Analytics On-Prem 2.5.2518 and earlier.

CNA Affected

[
  {
    "product": "SonicWall Analytics On-Prem",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "Analytics On-Prem 2.5.2518 and earlier"
      }
    ]
  }
]

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0018