What the vulnerability does

01Description

A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability impacts 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions.

Key dates

02Disclosure timeline

December 23, 2021 CVE published
August 3, 2024 Record updated