PT-2021-13738 · Sma 500V+5 · Sma 500V+5
Published
2021-12-08
·
Updated
2023-06-26
·
CVE-2021-20042
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
SMA 100
SMA 200
SMA 210
SMA 400
SMA 410
SMA 500v
Description:
An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules.
Recommendations:
For SMA 100, consider restricting access to prevent its use as an unintended proxy.
For SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v appliances, restrict access to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sma100
Sma 200
Sma 210
Sma 400
Sma 410
Sma 500V