AI Score
Confidence
Low
EPSS
Percentile
50.4%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions
[
{
"product": "SonicWall SRA/SMA100",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "SRA Series 9.0.0.5-19sv and earlier versions."
},
{
"status": "affected",
"version": "SMA100 Series 9.0.0.9-26sv and earlier versions."
}
]
}
]
[
{
"cpes": [
"cpe:2.3:a:sonicwall:sma_100:*:*:*:*:*:*:*:*"
],
"vendor": "sonicwall",
"product": "sma_100",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "9.0.0.9-26sv"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:sonicwall:sra:*:*:*:*:*:*:*:*"
],
"vendor": "sonicwall",
"product": "sra",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "9.0.0.5-19sv"
}
],
"defaultStatus": "unknown"
}
]