9.8
CVSSv3

CVE-2022-22282

Published: 13/05/2022 Updated: 25/05/2022
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and previous versions versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sonicwall 6200_firmware 12.4.0

sonicwall 6200_firmware 12.4.1

sonicwall 6210_firmware 12.4.0

sonicwall 6210_firmware 12.4.1

sonicwall 7200_firmware 12.4.0

sonicwall 7200_firmware 12.4.1

sonicwall 7210_firmware 12.4.0

sonicwall 7210_firmware 12.4.1

sonicwall 8000v_firmware 12.4.0

sonicwall 8000v_firmware 12.4.1

Recent Articles

SonicWall ‘strongly urges’ admins to patch SSLVPN SMA1000 bugs
BleepingComputer • Sergiu Gatlan • 13 May 2022

SonicWall "strongly urges" customers to patch several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products that can let attackers bypass authorization and, potentially, compromise unpatched appliances.
SonicWall SMA 1000 SSLVPN solutions are used by enterprises to simplify end-to-end secure remote access to corporate resources across on-prem, cloud, and hybrid data center environments.
While the first flaw (an un...