SMA 100 10.2.1 Release Notes
Version 10.2.1.3
December 2021
About Secure Mobile Access
Secure Mobile Access (SMA) provides scalable, secure mobile access for your enterprise while blocking untrusted applications, WiFi pirates, and mobile malware. SMA appliances provide a single gateway and a common user experience across all platforms, including managed and unmanaged devices. Traffic is encrypted using Secure Sockets Layer/Transport Layer Security (SSL/TLS) to protect it from unauthorized users.
SMA is available as a physical appliance or as a virtual appliance running on VMWare ESXi, Microsoft Hyper-V, Amazon Web Services (AWS), Azure, and KVM.
Compatibility and Installation Notes
- Most popular browsers are supported, but Google Chrome is preferred for the real-time graphics display on the Dashboard.
- A MySonicWall account is required.
-
SMA 10.2.1.3 is compatible with Capture Security Center (CSC).
CSC provides a cloud dashboard that displays the overall status of all the registered SMA appliances. The dashboard has sliders to choose the Time Period, Count of Alerts, Threats, WAF Threats, Authentications, VPN Accesses, Bookmark Access, Active devices and Users on a Map, and Threats categories.
Use your MySonicWall credentials to log into CSC at https://cloud.sonicwall.com.
Click the SMA tile to view the SMA Dashboard, complete registration, and enable cloud management.
SonicWall SMA 10.2.1.3 is supported on the following SonicWall appliances:
- SMA 200/400
- SMA 210/410
SMA 500v for ESXi
- Supported for deployment on VMware ESXi 6.0 and higher
SMA 500v for HyperV
- Supported for deployment on Hyper-V server version 2016 and 2019
- SMA 500v for AWS
- SMA 500v for Azure
- SMA 500v for KVM
What's New
-
WireGuard Integration with SMA100 products. For information about this feature, see the WireGuard Feature Guide available on the Support portal at https://www.sonicwall.com/support/technical-documentation/.
WireGuard feature for SMA 10.2.1.3 is a Tech Preview build. The full support for WireGuard would be available from SMA 10.2.2 onwards.
Resolved Issues
This section provides a list of resolved issues in this release.
| Issue ID | Issue Description |
|---|---|
| SMA-3235 | Vulnerability: SMA100 multiple unauthenticated File Explorer Heap-based and Stack-based Buffer Overflows. |
| SMA-3233 | Vulnerability: SMA100 POST Auth RCE. |
| SMA-3231 | Vulnerability: SMA100 getBookmarks Heap-based Buffer Overflow. |
| SMA-3229 | The change password dialogue does not appear in contemporary mode, but it does in classic mode. |
| SMA-3228 | DUO radius authentication broken for NetEx/MC users after 10.2.1.2 upgrade. |
| SMA-3217 | Vulnerability: Critical SMA100 unauthenticated stack-based buffer overflow. |
| SMA-3213 | Lets encrypt certificate is not working. |
| SMA-3208 | Vulnerability: SMA100 Unauthenticated "Confused Deputy". |
| SMA-3207 | Vulnerability: SMA100 Unauthenticated CPU exhaustion vulnerability. |
| SMA-3206 | Vulnerability: SMA100 Unauthenticated file upload path traversal vulnerability |
| SMA-3204 | Vulnerability: SMA100 authenticated command injection vulnerability as Root. |
| SMA-3199 | Clicking on customer logo with user login redirecting to admin console. |
| SMA-3138 | Error when connecting to SonicWall Firewall via SSHv2 bookmark with custom credentials. |
| SMA-3111 | Vulnerability: HTTP Host Head Value Reflections. |
| SMA-1980 | Security Issue: SMA Agent/NetExtender do not assign an individual device ID. |
Known Issues
This section provides a list of known issues in this release.
| Issue ID | Issue Description |
|---|---|
| SMA-3282 | Duo is not working with Linux NX with wireguard protocol. |
| SMA-3281 | The warning message "No country was selected" pops up when adding GeoIP policies on Geo IP & Botnet Filter > Policies page. |
| SMA-3262 | Time is wrong on SCHEDULED REBOOT on diag setting page. |
| SMA-3249 | Linux NX error message is wrong for local password update with password complexity. |
Was This Article Helpful?
Help us to improve our support portal