#VU63302 Improper access control in SonicWall products - CVE-2022-22282
Published: May 17, 2022
Vulnerability identifier: #VU63302
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2022-22282
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
SonicWall SMA 1000
SonicWall SMA 6200
SonicWall SMA 6210
SonicWall SMA 7200
SonicWall SMA 7210
SonicWall SMA 8000v
SonicWall SMA 1000
SonicWall SMA 6200
SonicWall SMA 6210
SonicWall SMA 7200
SonicWall SMA 7210
SonicWall SMA 8000v
Software vendor:
SonicWall
SonicWall
Description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. A remote non-authenticated attacker can bypass implemented security restrictions and gain unauthorized access to the application.
Remediation
Install updates from vendor's website.