{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T20:45:23.471","vulnerabilities":[{"cve":{"id":"CVE-2021-20023","sourceIdentifier":"PSIRT@sonicwall.com","published":"2021-04-20T12:15:12.587","lastModified":"2025-11-12T14:32:02.917","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host."},{"lang":"es","value":"SonicWall Email Security versiĆ³n 10.0.9.x, contiene una vulnerabilidad que permite a un atacante autenticado posteriormente leer un archivo arbitrario en el host remoto"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2021-11-03","cisaActionDue":"2021-11-17","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"SonicWall Email Security Path Traversal Vulnerability","weaknesses":[{"source":"PSIRT@sonicwall.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6173","matchCriteriaId":"5EA2AE41-BCD4-4F77-8883-D201C1AFD110"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_9000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6177","matchCriteriaId":"0A418BFA-C4E6-4473-9740-794107F86084"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_9000:-:*:*:*:*:*:*:*","matchCriteriaId":"C2434930-79AB-4AA9-AAC8-B116F3CD5CC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_3300_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6177","matchCriteriaId":"28AF18A3-3E72-400A-81A3-E0D32D550FC1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_3300:-:*:*:*:*:*:*:*","matchCriteriaId":"ECF2B5A6-B62F-444E-BDB3-0084896CD83B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_4300_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6177","matchCriteriaId":"738196AF-ECBE-4AC2-914E-1DCF74DFD6A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_4300:-:*:*:*:*:*:*:*","matchCriteriaId":"A18DCCAF-A373-4550-805B-EF329643B068"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_8300_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6177","matchCriteriaId":"4667576A-993F-4622-B7AC-AC62DD6EFDFA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_8300:-:*:*:*:*:*:*:*","matchCriteriaId":"DC5803B4-57F1-4F0C-A459-F367F56AFE16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_5000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6177","matchCriteriaId":"848AD231-F47D-49E3-B10B-5247240191EA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_5000:-:*:*:*:*:*:*:*","matchCriteriaId":"BA9126B7-5C64-4692-954C-6EF71261862C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_7000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6177","matchCriteriaId":"9908D0F6-1D47-4C2B-B546-3B5614EB827F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_7000:-:*:*:*:*:*:*:*","matchCriteriaId":"A114E829-5FC6-4321-8D28-C63EC09F9099"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_5050_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6177","matchCriteriaId":"AD7A6C11-2167-4294-97E9-C467EE9E1B78"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_5050:-:*:*:*:*:*:*:*","matchCriteriaId":"271F06DD-8DAA-46EF-A803-659EA253CC63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sonicwall:email_security_appliance_7050_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6177","matchCriteriaId":"B6220761-AC7E-42BD-A028-CC12EE9B3430"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sonicwall:email_security_appliance_7050:-:*:*:*:*:*:*:*","matchCriteriaId":"443B635B-6B08-479B-A635-26724B192BF0"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sonicwall:email_security_virtual_appliance:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6177","matchCriteriaId":"27799885-B16C-4B14-A780-54E7E20B6CB3"},{"vulnerable":true,"criteria":"cpe:2.3:a:sonicwall:hosted_email_security:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.9.6173","matchCriteriaId":"DCFC13F9-2DE3-412F-8C8B-847C81811B11"}]}]}],"references":[{"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0010","source":"PSIRT@sonicwall.com","tags":["Vendor Advisory"]},{"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0010","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-20023","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}