9
CVE-2022-23176
- EPSS 6.96%
- Published 24.02.2022 15:15:28
- Last modified 14.03.2025 16:50:46
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3.
Data is provided by the National Vulnerability Database (NVD)
Watchguard ≫ Fireware Version >= 12.0.0 < 12.1.3
Watchguard ≫ Fireware Version >= 12.2.0 < 12.5.7
Watchguard ≫ Fireware Version12.1.3 Update-
Watchguard ≫ Fireware Version12.1.3 Updateu1
Watchguard ≫ Fireware Version12.1.3 Updateu2
Watchguard ≫ Fireware Version12.5.7 Update-
Watchguard ≫ Fireware Version12.5.7 Updateu1
Watchguard ≫ Fireware Version12.5.7 Updateu2
Watchguard ≫ Fireware Version12.7.2 Update-
11.04.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
WatchGuard Firebox and XTM Privilege Escalation Vulnerability
VulnerabilityWatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.
DescriptionApply updates per vendor instructions.
Required actions| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.96% | 0.91 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|