CVE-2022-22279
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
28.7%
A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sonicwall | sra_1200_firmware | * | cpe:2.3:o:sonicwall:sra_1200_firmware:*:*:*:*:*:*:*:* |
| sonicwall | sra_1200 | - | cpe:2.3:h:sonicwall:sra_1200:-:*:*:*:*:*:*:* |
| sonicwall | sra_4200_firmware | * | cpe:2.3:o:sonicwall:sra_4200_firmware:*:*:*:*:*:*:*:* |
| sonicwall | sra_4200 | - | cpe:2.3:h:sonicwall:sra_4200:-:*:*:*:*:*:*:* |
| sonicwall | sma_210_firmware | * | cpe:2.3:o:sonicwall:sma_210_firmware:*:*:*:*:*:*:*:* |
| sonicwall | sma_210 | - | cpe:2.3:h:sonicwall:sma_210:-:*:*:*:*:*:*:* |
| sonicwall | sma_410_firmware | * | cpe:2.3:o:sonicwall:sma_410_firmware:*:*:*:*:*:*:*:* |
| sonicwall | sma_410 | - | cpe:2.3:h:sonicwall:sma_410:-:*:*:*:*:*:*:* |
| sonicwall | sma_500v_firmware | * | cpe:2.3:o:sonicwall:sma_500v_firmware:*:*:*:*:*:*:*:* |
| sonicwall | sma_500v | - | cpe:2.3:h:sonicwall:sma_500v:-:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
28.7%