CVE-2022-22278

2022-04-2716:25:18

CWE-770

sonicwall

www.cve.org

sonicos cfs

http denial of service

cve-2022-22278

EPSS

0.001

Percentile

38.4%

JSON

A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack

CNA Affected

[
  {
    "product": "SonicOS",
    "vendor": "SonicWall",
    "versions": [
      {
        "status": "affected",
        "version": "SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions."
      },
      {
        "status": "affected",
        "version": "SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions."
      },
      {
        "status": "affected",
        "version": "SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions."
      },
      {
        "status": "affected",
        "version": "SonicOS Gen 7 NSsp-Series 7.0.1-5030-R780 and earlier versions."
      }
    ]
  }
]

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004

EPSS

0.001

Percentile

38.4%

JSON

Related for CVELIST:CVE-2022-22278