COOEY // HUBcompliance · community · intelligence

FAIL › dossier

SonicWall Email Security product

3
failure events
0
zero-days
1
RCEs
3
on KEV
3
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2021-11-03 CVE-2021-20022 critical ⚡RCE ⌖KEV 95 SonicWall Email Security contains an unrestricted upload of file with dangerous type vulnerability that allows a post-authenticated attacker to upload a file to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-200
2021-11-03 CVE-2021-20021 critical ⌖KEV 80 SonicWall Email Security contains an improper privilege management vulnerability that allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along
2021-11-03 CVE-2021-20023 critical ⌖KEV 80 SonicWall Email Security contains a path traversal vulnerability that allows a post-authenticated attacker to read files on the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20022 to achieve priv