CVE-2022-22279

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 13-04-2022 08:15

Last modified: - 21-04-2022 05:23

Total changes: - 2

Description

** UNSUPPORTED WHEN ASSIGNED ** A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

High

Confidentiality

None

Integrity

High

Privileges required

Unchanged

Scope

None

User interaction

4.9

Base score

1.2

3.6

Exploitability score

Impact score

Verification logic

AND

vendor=sonicwall AND product=sra_1200_firmware AND versionEndIncluding=9.0.0.5-19sv

vendor=sonicwall AND product=sra_1200 AND version=-

AND

vendor=sonicwall AND product=sra_4200_firmware AND versionEndIncluding=9.0.0.5-19sv

vendor=sonicwall AND product=sra_4200 AND version=-

AND

vendor=sonicwall AND product=sma_210_firmware AND versionEndExcluding=9.0.0.10-28sv

vendor=sonicwall AND product=sma_210 AND version=-

AND

vendor=sonicwall AND product=sma_410_firmware AND versionEndExcluding=9.0.0.10-28sv

vendor=sonicwall AND product=sma_410 AND version=-

AND

vendor=sonicwall AND product=sma_500v_firmware AND versionEndExcluding=9.0.0.10-28sv

vendor=sonicwall AND product=sma_500v AND version=-

Reference

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0006

Keywords

CVE-2022-22279

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2022-22279

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures