CVE-2022-22278

EPSS 0.26%
Veröffentlicht 27.04.2022 17:15:07
Zuletzt bearbeitet 21.11.2024 06:46:32
Quelle PSIRT@sonicwall.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sonicwall ≫ Tz300p Firmware Version < 7.0.1

Sonicwall ≫ Tz300p Version-

Sonicwall ≫ Tz300w Firmware Version < 7.0.1

Sonicwall ≫ Tz300w Version-

Sonicwall ≫ Tz350 Firmware Version < 7.0.1

Sonicwall ≫ Tz350 Version-

Sonicwall ≫ Tz350w Firmware Version < 7.0.1

Sonicwall ≫ Tz350w Version-

Sonicwall ≫ Nssp 10700 Firmware Version < 7.0.1.0

Sonicwall ≫ Nssp 10700 Version-

Sonicwall ≫ Nssp 11700 Firmware Version < 7.0.1.0

Sonicwall ≫ Nssp 11700 Version-

Sonicwall ≫ Nssp 12400 Firmware Version < 7.0.1.0

Sonicwall ≫ Nssp 12400 Version-

Sonicwall ≫ Nssp 12800 Firmware Version < 7.0.1.0

Sonicwall ≫ Nssp 12800 Version-

Sonicwall ≫ Nssp 13700 Firmware Version < 7.0.1.0

Sonicwall ≫ Nssp 13700 Version-

Sonicwall ≫ Nssp 15700 Firmware Version < 7.0.1.0

Sonicwall ≫ Nssp 15700 Version-

Sonicwall ≫ Tz370 Firmware Version < 7.0.1

Sonicwall ≫ Tz370 Version-

Sonicwall ≫ Tz370w Firmware Version < 7.0.1

Sonicwall ≫ Tz370w Version-

Sonicwall ≫ Tz400 Firmware Version < 7.0.1

Sonicwall ≫ Tz400 Version-

Sonicwall ≫ Nsv 10 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 10 Version-

Sonicwall ≫ Nsv 100 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 100 Version-

Sonicwall ≫ Nsv 1600 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 1600 Version-

Sonicwall ≫ Nsv 200 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 200 Version-

Sonicwall ≫ Nsv 25 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 25 Version-

Sonicwall ≫ Nsv 270 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 270 Version-

Sonicwall ≫ Nsv 300 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 300 Version-

Sonicwall ≫ Nsv 400 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 400 Version-

Sonicwall ≫ Nsv 470 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 470 Version-

Sonicwall ≫ Nsv 50 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 50 Version-

Sonicwall ≫ Nsv 800 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 800 Version-

Sonicwall ≫ Nsv 870 Firmware Version < 7.0.1.0

Sonicwall ≫ Nsv 870 Version-

Sonicwall ≫ Tz400w Firmware Version < 7.0.1

Sonicwall ≫ Tz400w Version-

Sonicwall ≫ Tz470 Firmware Version < 7.0.1

Sonicwall ≫ Tz470 Version-

Sonicwall ≫ Tz470w Firmware Version < 7.0.1

Sonicwall ≫ Tz470w Version-

Sonicwall ≫ Tz500 Firmware Version < 7.0.1

Sonicwall ≫ Tz500 Version-

Sonicwall ≫ Nsa 2650 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 2650 Version-

Sonicwall ≫ Nsa 2700 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 2700 Version-

Sonicwall ≫ Nsa 3650 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 3650 Version-

Sonicwall ≫ Nsa 3700 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 3700 Version-

Sonicwall ≫ Nsa 4650 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 4650 Version-

Sonicwall ≫ Nsa 4700 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 4700 Version-

Sonicwall ≫ Nsa 5650 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 5650 Version-

Sonicwall ≫ Nsa 5700 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 5700 Version-

Sonicwall ≫ Nsa 6650 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 6650 Version-

Sonicwall ≫ Nsa 6700 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 6700 Version-

Sonicwall ≫ Nsa 9250 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 9250 Version-

Sonicwall ≫ Nsa 9450 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 9450 Version-

Sonicwall ≫ Nsa 9650 Firmware Version < 7.0.1

Sonicwall ≫ Nsa 9650 Version-

Sonicwall ≫ Tz500w Firmware Version < 7.0.1

Sonicwall ≫ Tz500w Version-

Sonicwall ≫ Tz570 Firmware Version < 7.0.1

Sonicwall ≫ Tz570 Version-

Sonicwall ≫ Tz570p Firmware Version < 7.0.1

Sonicwall ≫ Tz570p Version-

Sonicwall ≫ Tz570w Firmware Version < 7.0.1

Sonicwall ≫ Tz570w Version-

Sonicwall ≫ Tz600 Firmware Version < 7.0.1

Sonicwall ≫ Tz600 Version-

Sonicwall ≫ Tz600p Firmware Version < 7.0.1

Sonicwall ≫ Tz600p Version-

Sonicwall ≫ Tz670 Firmware Version < 7.0.1

Sonicwall ≫ Tz670 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.26%	0.492

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-22278

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-22278

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-22278

EUVD