Vulnerability Description
A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access (SMA) 100 series products running older firmware 9.0.0.9-26sv and earlier versions
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sonicwall | Sra 1200 Firmware | <= 9.0.0.5-19sv |
| Sonicwall | Sra 1200 | - |
| Sonicwall | Sra 4200 Firmware | <= 9.0.0.5-19sv |
| Sonicwall | Sra 4200 | - |
| Sonicwall | Sma 210 Firmware | < 9.0.0.10-28sv |
| Sonicwall | Sma 210 | - |
| Sonicwall | Sma 410 Firmware | < 9.0.0.10-28sv |
| Sonicwall | Sma 410 | - |
| Sonicwall | Sma 500V Firmware | < 9.0.0.10-28sv |
| Sonicwall | Sma 500V | - |
Related Weaknesses (CWE)
References
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0006Vendor Advisory
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0006Vendor Advisory
FAQ
What is CVE-2022-22279?
CVE-2022-22279 is a vulnerability with a CVSS score of 4.9 (MEDIUM). A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifi...
How severe is CVE-2022-22279?
CVE-2022-22279 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-22279?
Check the references section above for vendor advisories and patch information. Affected products include: Sonicwall Sra 1200 Firmware, Sonicwall Sra 1200, Sonicwall Sra 4200 Firmware, Sonicwall Sra 4200, Sonicwall Sma 210 Firmware.