CVE-2022-22275

Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
sonicwallCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
sonicwallsonicos
7.0.0.0 ≤
𝑥
≤ 7.0.1-5030-r2007
sonicwallsonicos
7.0.0.0 ≤
𝑥
≤ 7.0.1.0-5030-1391
sonicwallsonicos
7.0.0.0 ≤
𝑥
≤ 7.0.1-5030-r780
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004