Cyber Resilience

CVE-2019-7481

HighCISA KEVActive ExploitationEUVD ExploitedRansomware-linked

Published: 17 December 2019

Published
17 December 2019
Modified
31 October 2025
KEV Added
03 November 2021
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.9434 100.0th percentile
Risk Priority 92 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2019-7481 is a high-severity SQL Injection (CWE-89) vulnerability in Sonicwall Sma 100 Firmware. Its CVSS base score is 7.5 (High).

Operationally, ranked in the top 0.0% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-8 (Identification and Authentication (Non-organizational Users)).

Deeper analysis

CVE-2019-7481 is a vulnerability in SonicWall SMA100 that permits an unauthenticated user to gain read-only access to unauthorized resources. The flaw affects SMA100 version 9.0.0.3 and earlier and is associated with CWE-89. It carries a CVSS 3.1 base score of 7.5 reflecting network attack vector, low complexity, no required privileges or user interaction, and high confidentiality impact with no integrity or availability effects.

An unauthenticated attacker can exploit the issue remotely to read sensitive data outside intended access boundaries. The vulnerability's characteristics enable such access without authentication, directly exposing restricted resources on affected appliances.

The SonicWall PSIRT advisory SNWLID-2019-0016 addresses the issue, and the vulnerability appears in CISA's catalog of known exploited vulnerabilities, confirming observed real-world exploitation activity.

EU & UK References

Vulnerability details

Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauthorized resources. This vulnerablity impacted SMA100 version 9.0.0.3 and earlier.

CWE(s)
KEV Date Added
03 November 2021

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

sonicwall
sma 100 firmware
≤ 9.0.0.4

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces approved access policies to block the unauthenticated read of unauthorized resources described in CVE-2019-7481.

prevent

Requires identification and authentication of non-organizational users before any resource access, eliminating the unauthenticated entry point exploited by the CVE.

AC-17 Remote Access partial match
prevent

Restricts and authorizes all remote access methods to the SMA100 appliance, limiting exposure of the vulnerable unauthenticated path.

References