CVE-2024-22398

2024-03-1404:15:09

CWE-22

[email protected]

web.nvd.nist.gov

vulnerability

path traversal

sonicwall

email security

remote attacker

administrative privileges

directory traversal

delete

arbitrary files

appliance file system

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.7%

JSON

An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in SonicWall Email Security Appliance could allow a remote attacker with administrative privileges to conduct a directory traversal attack and delete arbitrary files from the appliance file system.

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0006