SB2022042717 - Multiple vulnerabilities in SonicWall SonicOS
Published: April 27, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Resource exhaustion (CVE-ID: CVE-2022-22275)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect processing of HTTP/S inbound traffic from WAN to DMZ. A remote attacker can bypass security policy until TCP handshake is complete and perform a denial of service (DoS) attack, if the target application is vulnerable to a denial of service.
2) Information disclosure (CVE-ID: CVE-2022-22276)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to configured SNMP service remains accessible to external users even if the SNMP is disabled in firewall interfaces. A remote non-authenticated attacker can connect to the SNMP service and obtain sensitive information.
3) Cleartext transmission of sensitive information (CVE-ID: CVE-2022-22277)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to SNMP-Reply includes SSID Password in cleartext. A remote attacker with ability to intercept network traffic can gain access to sensitive data.
4) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2022-22278)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to CFS (Content filtering service) in SonicOS returns a large 403 forbidden
HTTP response message to the source address when users try to access
resources prohibited by CFS feature. A remote attacker can send multiple requests to the system that trigger 403 error and consume all available bandwidth.
Remediation
Install update from vendor's website.