Lucene search

[email protected]NVD:CVE-2022-2324

HistoryJul 29, 2022 - 9:15 p.m.

CVE-2022-2324

2022-07-2921:15:09

CWE-290

CWE-358

[email protected]

web.nvd.nist.gov

sonicwall

hosted email security

capture atp

bypass

vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

31.1%

JSON

Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions

Affected configurations

Nvd

Node

sonicwallemail_securityRange≤10.0.17.7319

VendorProductVersionCPE
sonicwallemail_security*cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sonicwall	email_security	*	cpe:2.3:a:sonicwall:email_security::::::::

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0014

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

31.1%

JSON

Related for NVD:CVE-2022-2324

prion1 cvelist1 cve1