CVE-2024-22398

2024-03-1404:15:09

CWE-22

[email protected]

web.nvd.nist.gov

sonicwall

email security

path traversal

vulnerability

cve-2024-22398

nvd

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.6%

JSON

An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in SonicWall Email Security Appliance could allow a remote attacker with administrative privileges to conduct a directory traversal attack and delete arbitrary files from the appliance file system.

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "platforms": [
      "Linux"
    ],
    "product": "Email Security",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "10.0.26.7807 and earlier versions"
      }
    ]
  }
]

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0006