Critical SQL-Injection Vulnerability in SonicWall SSLVPN SMA100 (Build Version 10.x)

CVE-2021-20016 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information. This vulnerability impacts SMA100 build version 10.x.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.