CVE-2019-7488

Published: Dec 23, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Weak default password cause vulnerability in SonicWall Email Security appliance which leads to attacker gain access to appliance database. This vulnerability affected Email Security Appliance version 10.0.2 and earlier.

Affected (1)

Products: Sonicwall: Email Security Appliance

Sonicwall

1 product

Email Security Appliance

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sonicwall Email Security Appliance	Up to 10.0.2

Related CWEs

CWE-255

CWE-521

Weak Password Requirements

The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

References (2)

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0014

Source: PSIRT@sonicwall.com

Vendor Advisory

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0014

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.