CVE-2021-20024
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:P/I:N/A:C
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
30.6%
Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a system instability or potentially read sensitive information from the memory locations.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sonicwall | switch | * | cpe:2.3:o:sonicwall:switch:*:*:*:*:*:*:*:* |
| sonicwall | sws12-10fpoe | - | cpe:2.3:h:sonicwall:sws12-10fpoe:-:*:*:*:*:*:*:* |
| sonicwall | sws12-8 | - | cpe:2.3:h:sonicwall:sws12-8:-:*:*:*:*:*:*:* |
| sonicwall | sws12-8poe | - | cpe:2.3:h:sonicwall:sws12-8poe:-:*:*:*:*:*:*:* |
| sonicwall | sws14-24 | - | cpe:2.3:h:sonicwall:sws14-24:-:*:*:*:*:*:*:* |
| sonicwall | sws14-24fpoe | - | cpe:2.3:h:sonicwall:sws14-24fpoe:-:*:*:*:*:*:*:* |
| sonicwall | sws14-48 | - | cpe:2.3:h:sonicwall:sws14-48:-:*:*:*:*:*:*:* |
| sonicwall | sws14-48fpoe | - | cpe:2.3:h:sonicwall:sws14-48fpoe:-:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:P/I:N/A:C
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
30.6%