CVE-2022-22275

Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsa_2650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_2700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_3700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_4700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_5700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6650:-:::::::*
	cpe:2.3:h:sonicwall:nsa_6700:-:::::::*
	cpe:2.3:h:sonicwall:nsa_9250:-:::::::*
	cpe:2.3:h:sonicwall:nsa_9450:-:::::::*
	cpe:2.3:h:sonicwall:nsa_9650:-:::::::*
	cpe:2.3:h:sonicwall:soho_250:-:::::::*
	cpe:2.3:h:sonicwall:soho_250w:-:::::::*
	cpe:2.3:h:sonicwall:tz270:-:::::::*
	cpe:2.3:h:sonicwall:tz270w:-:::::::*
	cpe:2.3:h:sonicwall:tz300:-:::::::*
	cpe:2.3:h:sonicwall:tz300p:-:::::::*
	cpe:2.3:h:sonicwall:tz300w:-:::::::*
	cpe:2.3:h:sonicwall:tz350:-:::::::*
	cpe:2.3:h:sonicwall:tz350w:-:::::::*
	cpe:2.3:h:sonicwall:tz370:-:::::::*
	cpe:2.3:h:sonicwall:tz370w:-:::::::*
	cpe:2.3:h:sonicwall:tz400:-:::::::*
	cpe:2.3:h:sonicwall:tz400w:-:::::::*
	cpe:2.3:h:sonicwall:tz470:-:::::::*
	cpe:2.3:h:sonicwall:tz470w:-:::::::*
	cpe:2.3:h:sonicwall:tz500:-:::::::*
	cpe:2.3:h:sonicwall:tz500w:-:::::::*
	cpe:2.3:h:sonicwall:tz570:-:::::::*
	cpe:2.3:h:sonicwall:tz570p:-:::::::*
	cpe:2.3:h:sonicwall:tz570w:-:::::::*
	cpe:2.3:h:sonicwall:tz600:-:::::::*
	cpe:2.3:h:sonicwall:tz600p:-:::::::*
	cpe:2.3:h:sonicwall:tz670:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nsv_10:-:::::::*
	cpe:2.3:h:sonicwall:nsv_100:-:::::::*
	cpe:2.3:h:sonicwall:nsv_200:-:::::::*
	cpe:2.3:h:sonicwall:nsv_25:-:::::::*
	cpe:2.3:h:sonicwall:nsv_270:-:::::::*
	cpe:2.3:h:sonicwall:nsv_300:-:::::::*
	cpe:2.3:h:sonicwall:nsv_400:-:::::::*
	cpe:2.3:h:sonicwall:nsv_470:-:::::::*
	cpe:2.3:h:sonicwall:nsv_50:-:::::::*
	cpe:2.3:h:sonicwall:nsv_800:-:::::::*
	cpe:2.3:h:sonicwall:nsv_870:-:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sonicwall:nssp_10700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_11700:-:::::::*
	cpe:2.3:h:sonicwall:nssp_12400:-:::::::*
	cpe:2.3:h:sonicwall:nssp_12800:-:::::::*
	cpe:2.3:h:sonicwall:nssp_13700:-:::::::*

History

12 May 2022, 02:49

Type	Values Removed	Values Added
CPE		cpe:2.3:h:sonicwall:nsa_9450:-:::::::* cpe:2.3:h:sonicwall:nsv_50:-:::::::* cpe:2.3:h:sonicwall:nssp_12800:-:::::::* cpe:2.3:h:sonicwall:tz600:-:::::::* cpe:2.3:h:sonicwall:tz500:-:::::::* cpe:2.3:h:sonicwall:tz570w:-:::::::* cpe:2.3:h:sonicwall:tz270w:-:::::::* cpe:2.3:h:sonicwall:tz350w:-:::::::* cpe:2.3:h:sonicwall:tz300:-:::::::* cpe:2.3:h:sonicwall:tz300p:-:::::::* cpe:2.3:h:sonicwall:nssp_13700:-:::::::* cpe:2.3:h:sonicwall:nsv_400:-:::::::* cpe:2.3:h:sonicwall:tz370:-:::::::* cpe:2.3:h:sonicwall:nsv_470:-:::::::* cpe:2.3:h:sonicwall:nsv_25:-:::::::* cpe:2.3:h:sonicwall:nsa_5700:-:::::::* cpe:2.3:h:sonicwall:tz670:-:::::::* cpe:2.3:h:sonicwall:tz300w:-:::::::* cpe:2.3:h:sonicwall:nssp_12400:-:::::::* cpe:2.3:h:sonicwall:nsa_9650:-:::::::* cpe:2.3:h:sonicwall:nsa_5650:-:::::::* cpe:2.3:h:sonicwall:nsa_2650:-:::::::* cpe:2.3:h:sonicwall:tz400:-:::::::* cpe:2.3:h:sonicwall:nsa_9250:-:::::::* cpe:2.3:h:sonicwall:nssp_11700:-:::::::* cpe:2.3:h:sonicwall:nsv_270:-:::::::* cpe:2.3:h:sonicwall:nsa_4650:-:::::::* cpe:2.3:h:sonicwall:tz350:-:::::::* cpe:2.3:h:sonicwall:tz470w:-:::::::* cpe:2.3:h:sonicwall:tz270:-:::::::* cpe:2.3:h:sonicwall:soho_250w:-:::::::* cpe:2.3:h:sonicwall:nsv_300:-:::::::* cpe:2.3:h:sonicwall:tz470:-:::::::* cpe:2.3:h:sonicwall:nsa_2700:-:::::::* cpe:2.3:h:sonicwall:nsa_3650:-:::::::* cpe:2.3:h:sonicwall:nsv_10:-:::::::* cpe:2.3:h:sonicwall:nsv_800:-:::::::* cpe:2.3:h:sonicwall:soho_250:-:::::::* cpe:2.3:h:sonicwall:nsa_6700:-:::::::* cpe:2.3:h:sonicwall:tz570p:-:::::::* cpe:2.3:h:sonicwall:nssp_10700:-:::::::* cpe:2.3:o:sonicwall:sonicos:::::::: cpe:2.3:h:sonicwall:tz500w:-:::::::* cpe:2.3:h:sonicwall:nsv_100:-:::::::* cpe:2.3:h:sonicwall:nsv_870:-:::::::* cpe:2.3:h:sonicwall:tz400w:-:::::::* cpe:2.3:h:sonicwall:nsv_200:-:::::::* cpe:2.3:h:sonicwall:nsa_6650:-:::::::* cpe:2.3:h:sonicwall:nsa_4700:-:::::::* cpe:2.3:h:sonicwall:tz600p:-:::::::* cpe:2.3:h:sonicwall:tz370w:-:::::::* cpe:2.3:h:sonicwall:nsa_3700:-:::::::* cpe:2.3:h:sonicwall:tz570:-:::::::*
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 5.0 v3 : 7.5
First Time		Sonicwall nsa 2700 Sonicwall nsv 400 Sonicwall tz570 Sonicwall nssp 12400 Sonicwall nssp 11700 Sonicwall soho 250w Sonicwall nsa 4650 Sonicwall tz370 Sonicwall nsv 25 Sonicwall nssp 13700 Sonicwall nsv 870 Sonicwall nsv 800 Sonicwall nsa 9450 Sonicwall tz350w Sonicwall tz600 Sonicwall nsa 5650 Sonicwall tz300 Sonicwall nsa 2650 Sonicwall nsv 200 Sonicwall tz600p Sonicwall nsv 10 Sonicwall nsa 3650 Sonicwall tz470w Sonicwall tz270 Sonicwall tz300w Sonicwall nsv 470 Sonicwall tz570p Sonicwall nsa 5700 Sonicwall nssp 10700 Sonicwall Sonicwall nsv 270 Sonicwall nsv 300 Sonicwall nsa 9650 Sonicwall tz400 Sonicwall nsa 6700 Sonicwall tz370w Sonicwall tz270w Sonicwall sonicos Sonicwall tz500 Sonicwall tz350 Sonicwall nssp 12800 Sonicwall nsv 50 Sonicwall nsa 4700 Sonicwall nsa 6650 Sonicwall nsa 9250 Sonicwall tz500w Sonicwall tz570w Sonicwall nsa 3700 Sonicwall tz300p Sonicwall tz470 Sonicwall soho 250 Sonicwall tz400w Sonicwall nsv 100 Sonicwall tz670
References	~~(CONFIRM) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004 -~~	(CONFIRM) https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004 - Vendor Advisory

27 Apr 2022, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-04-27 17:15

Updated : 2023-12-10 14:22

NVD link : CVE-2022-22275

Mitre link : CVE-2022-22275

CVE.ORG link : CVE-2022-22275

JSON object : View

Products Affected

sonicwall

nsa_6700
tz350w
nsv_200
nsv_400
nssp_12800
nsa_5650
tz370w
nsa_9650
tz400w
tz570w
nssp_10700
nsv_100
nsv_50
tz470w
tz600
tz370
tz300
nsa_4650
tz270w
tz500w
nsv_25
nssp_12400
nsa_6650
nsa_3650
tz470
nsa_4700
nsv_470
nssp_13700
nsa_9450
tz570
nsv_800
tz300p
sonicos
tz350
tz670
soho_250w
nsa_2700
nsv_270
nssp_11700
tz600p
nsa_2650
tz270
soho_250
nsv_300
nsa_5700
nsa_9250
nsa_3700
tz500
tz400
nsv_870
tz570p
nsv_10
tz300w

CWE

NVD-CWE-noinfo CWE-400

Uncontrolled Resource Consumption

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2022-22275

7.5^/10

5.0^/10

Attach tags to `CVE-2022-22275`