CVE-2022-22276
published 2022-04-27CVE-2022-22276: A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.
PriorityP424medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.72%
49.3th percentile
A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.
Affected
53 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | nsa_2650_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_2700_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_3650_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_3700_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_4650_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_4700_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_5650_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_5700_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_6650_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_6700_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_9250_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_9450_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nsa_9650_firmware | < 7.0.1 | 7.0.1 |
| sonicwall | nssp_10700_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nssp_11700_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nssp_12400_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nssp_12800_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nssp_13700_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nssp_15700_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nsv_100_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nsv_10_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nsv_1600_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nsv_200_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nsv_25_firmware | < 7.0.1.0 | 7.0.1.0 |
| sonicwall | nsv_270_firmware | < 7.0.1.0 | 7.0.1.0 |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-04-27
Published