CVE-2022-22275

2022-04-2716:25:13

CWE-400

sonicwall

www.cve.org

0.001 Low

EPSS

Percentile

38.6%

JSON

Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.

CNA Affected

[
  {
    "product": "SonicOS",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
      },
      {
        "status": "affected",
        "version": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
      },
      {
        "status": "affected",
        "version": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
      },
      {
        "status": "affected",
        "version": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
      }
    ]
  }
]

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004

0.001 Low

EPSS

Percentile

38.6%

JSON

Related for CVELIST:CVE-2022-22275