{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T02:44:47.713","vulnerabilities":[{"cve":{"id":"CVE-2021-20022","sourceIdentifier":"PSIRT@sonicwall.com","published":"2021-04-09T18:15:13.460","lastModified":"2025-11-10T19:07:07.287","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host."},{"lang":"es","value":"SonicWall Email Security versiĆ³n 10.0.9.x, contiene una vulnerabilidad que permite a un atacante autenticado posteriormente cargar un archivo arbitrario en el host remoto"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2021-11-03","cisaActionDue":"2021-11-17","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"SonicWall Email Security Unrestricted Upload of File Vulnerability","weaknesses":[{"source":"PSIRT@sonicwall.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6103","matchCriteriaId":"08AD853A-995F-435D-B2AC-A7A0745D6172"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_9000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6105","matchCriteriaId":"A06452B5-695F-4CD8-BB72-AFFB9C4BAA2B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_9000:-:*:*:*:*:*:*:*","matchCriteriaId":"C2434930-79AB-4AA9-AAC8-B116F3CD5CC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_3300_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6105","matchCriteriaId":"AA584C94-2321-4BBC-9FCD-D7C13C57F1DA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_3300:-:*:*:*:*:*:*:*","matchCriteriaId":"ECF2B5A6-B62F-444E-BDB3-0084896CD83B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_4300_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6105","matchCriteriaId":"8C3C3AB8-E169-4DAD-AB81-2A7D54EB2CB4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_4300:-:*:*:*:*:*:*:*","matchCriteriaId":"A18DCCAF-A373-4550-805B-EF329643B068"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_8300_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6105","matchCriteriaId":"866762BF-F65B-4C9C-A08E-1F25041576AE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_8300:-:*:*:*:*:*:*:*","matchCriteriaId":"DC5803B4-57F1-4F0C-A459-F367F56AFE16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_5000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6105","matchCriteriaId":"53641CB5-CC2E-4C12-9125-64DCE99F0838"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_5000:-:*:*:*:*:*:*:*","matchCriteriaId":"BA9126B7-5C64-4692-954C-6EF71261862C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_7000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6105","matchCriteriaId":"113E3915-7EF3-42CA-8429-5310EA631DF1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_7000:-:*:*:*:*:*:*:*","matchCriteriaId":"A114E829-5FC6-4321-8D28-C63EC09F9099"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_5050_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6105","matchCriteriaId":"4803B3D7-E19F-4EE2-86BC-1DBA18A7E5E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_5050:-:*:*:*:*:*:*:*","matchCriteriaId":"271F06DD-8DAA-46EF-A803-659EA253CC63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_7050_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6105","matchCriteriaId":"75D58601-90F8-4501-9FD0-FA1E1E9DB546"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_7050:-:*:*:*:*:*:*:*","matchCriteriaId":"443B635B-6B08-479B-A635-26724B192BF0"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sonicwall:email_security_virtual_appliance:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6105","matchCriteriaId":"7A32D7D5-3EC7-4F6E-9C24-EDCFF7EC5E7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:sonicwall:hosted_email_security:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6103","matchCriteriaId":"D1824412-5A4F-4D69-996E-D4B3E813D21C"}]}]}],"references":[{"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0008","source":"PSIRT@sonicwall.com","tags":["Vendor Advisory"]},{"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0008","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-20022","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}