CVE-2022-2915
26.08.2022, 21:15
A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execution. This vulnerability impacts 10.2.1.5-34sv and earlier versions.Enginsight
| Vendor | Product | Version |
|---|---|---|
| sonicwall | sma_200_firmware | 𝑥 ≤ 10.2.1.5-34sv |
| sonicwall | sma_210_firmware | 𝑥 ≤ 10.2.1.5-34sv |
| sonicwall | sma_400_firmware | 𝑥 ≤ 10.2.1.5-34sv |
| sonicwall | sma_410_firmware | 𝑥 ≤ 10.2.1.5-34sv |
| sonicwall | sma_500v_firmware | 𝑥 ≤ 10.2.1.5-34sv |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-122 - Heap-based Buffer OverflowA heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.