Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions
References
Link | Resource |
---|---|
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0001 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
History
07 Nov 2023, 03:43
Type | Values Removed | Values Added |
---|---|---|
Summary | Improper neutralization of Special Elements leading to OS Command Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions |
28 Mar 2022, 16:58
Type | Values Removed | Values Added |
---|---|---|
First Time |
Sonicwall sma 400
Sonicwall sra 4600 Firmware Sonicwall sra 1600 Sonicwall Sonicwall sma 410 Sonicwall sma 500v Firmware Sonicwall sra 4600 Sonicwall sma 210 Sonicwall sra 1200 Sonicwall sma 200 Firmware Sonicwall sra 1600 Firmware Sonicwall sma 400 Firmware Sonicwall sma 500v Sonicwall sma 410 Firmware Sonicwall sra 4200 Sonicwall sma 210 Firmware Sonicwall sra 1200 Firmware Sonicwall sma 200 Sonicwall sra 4200 Firmware |
|
References | (CONFIRM) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0001 - Patch, Vendor Advisory | |
CPE | cpe:2.3:o:sonicwall:sma_210_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_400_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sra_1600:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sra_4200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sra_4600_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sra_1200:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_500v_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_210:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_200:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_500v:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sra_4600:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sma_410_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sra_1200_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_400:-:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sma_410:-:*:*:*:*:*:*:* cpe:2.3:o:sonicwall:sra_1600_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sonicwall:sra_4200:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-78 |
17 Mar 2022, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-17 02:15
Updated : 2024-04-11 01:14
NVD link : CVE-2022-22273
Mitre link : CVE-2022-22273
CVE.ORG link : CVE-2022-22273
JSON object : View
Products Affected
sonicwall
- sma_210
- sra_4200_firmware
- sra_1200_firmware
- sra_1600_firmware
- sra_4600_firmware
- sra_4200
- sma_400_firmware
- sma_210_firmware
- sma_200
- sma_200_firmware
- sma_410
- sma_500v_firmware
- sma_500v
- sra_4600
- sma_400
- sra_1200
- sma_410_firmware
- sra_1600
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')