Vulnerability Name:

CVE-2022-22277 (CCN-225259)

Assigned:2021-12-29
Published:2022-04-27
Updated:2022-05-06
Summary:A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext.
CVSS v3 Severity:5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2022-22277

Source: XF
Type: UNKNOWN
sonicos-cve202222277-info-disc(225259)

Source: CCN
Type: SonicWall Security Advisory SNWLID-2022-0004
SonicOS Content Filtering Service and SNMP feature affected by multiple vulnerabilities

Source: CONFIRM
Type: Vendor Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004

Vulnerable Configuration:Configuration 1:
  • cpe:/o:sonicwall:tz300p_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz300p_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz300p:-:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:sonicwall:tz300w_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz300w_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz300w:-:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:sonicwall:tz350_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz350_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz350:-:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:sonicwall:tz350w_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz350w_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz350w:-:*:*:*:*:*:*:*

    • Configuration 5:
  • cpe:/o:sonicwall:nssp_10700_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*

    • Configuration 6:
  • cpe:/o:sonicwall:nssp_11700_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*

    • Configuration 7:
  • cpe:/o:sonicwall:nssp_12400_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*

    • Configuration 8:
  • cpe:/o:sonicwall:nssp_12800_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*

    • Configuration 9:
  • cpe:/o:sonicwall:nssp_13700_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*

    • Configuration 10:
  • cpe:/o:sonicwall:nssp_15700_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*

    • Configuration 11:
  • cpe:/o:sonicwall:tz370_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz370_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz370:-:*:*:*:*:*:*:*

    • Configuration 12:
  • cpe:/o:sonicwall:tz370w_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz370w_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz370w:-:*:*:*:*:*:*:*

    • Configuration 13:
  • cpe:/o:sonicwall:tz400_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz400_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz400:-:*:*:*:*:*:*:*

    • Configuration 14:
  • cpe:/o:sonicwall:nsv_10_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_10:-:*:*:*:*:*:*:*

    • Configuration 15:
  • cpe:/o:sonicwall:nsv_100_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_100:-:*:*:*:*:*:*:*

    • Configuration 16:
  • cpe:/o:sonicwall:nsv_1600_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*

    • Configuration 17:
  • cpe:/o:sonicwall:nsv_200_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_200:-:*:*:*:*:*:*:*

    • Configuration 18:
  • cpe:/o:sonicwall:nsv_25_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_25:-:*:*:*:*:*:*:*

    • Configuration 19:
  • cpe:/o:sonicwall:nsv_270_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_270:-:*:*:*:*:*:*:*

    • Configuration 20:
  • cpe:/o:sonicwall:nsv_300_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_300:-:*:*:*:*:*:*:*

    • Configuration 21:
  • cpe:/o:sonicwall:nsv_400_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_400:-:*:*:*:*:*:*:*

    • Configuration 22:
  • cpe:/o:sonicwall:nsv_470_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_470:-:*:*:*:*:*:*:*

    • Configuration 23:
  • cpe:/o:sonicwall:nsv_50_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_50:-:*:*:*:*:*:*:*

    • Configuration 24:
  • cpe:/o:sonicwall:nsv_800_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_800:-:*:*:*:*:*:*:*

    • Configuration 25:
  • cpe:/o:sonicwall:nsv_870_firmware:*:*:*:*:*:*:*:* (Version < 7.0.1.0)
  • AND
  • cpe:/h:sonicwall:nsv_870:-:*:*:*:*:*:*:*

    • Configuration 26:
  • cpe:/o:sonicwall:tz400w_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz400w_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz400w:-:*:*:*:*:*:*:*

    • Configuration 27:
  • cpe:/o:sonicwall:tz470_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz470_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz470:-:*:*:*:*:*:*:*

    • Configuration 28:
  • cpe:/o:sonicwall:tz470w_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz470w_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz470w:-:*:*:*:*:*:*:*

    • Configuration 29:
  • cpe:/o:sonicwall:tz500_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz500_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz500:-:*:*:*:*:*:*:*

    • Configuration 30:
  • cpe:/o:sonicwall:nsa_2650_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_2650_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*

    • Configuration 31:
  • cpe:/o:sonicwall:nsa_2700_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_2700_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*

    • Configuration 32:
  • cpe:/o:sonicwall:nsa_3650_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_3650_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*

    • Configuration 33:
  • cpe:/o:sonicwall:nsa_3700_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_3700_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*

    • Configuration 34:
  • cpe:/o:sonicwall:nsa_4650_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_4650_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*

    • Configuration 35:
  • cpe:/o:sonicwall:nsa_4700_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_4700_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*

    • Configuration 36:
  • cpe:/o:sonicwall:nsa_5650_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_5650_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*

    • Configuration 37:
  • cpe:/o:sonicwall:nsa_5700_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_5700_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*

    • Configuration 38:
  • cpe:/o:sonicwall:nsa_6650_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_6650_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*

    • Configuration 39:
  • cpe:/o:sonicwall:nsa_6700_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_6700_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*

    • Configuration 40:
  • cpe:/o:sonicwall:nsa_9250_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_9250_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*

    • Configuration 41:
  • cpe:/o:sonicwall:nsa_9450_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_9450_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*

    • Configuration 42:
  • cpe:/o:sonicwall:nsa_9650_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:nsa_9650_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*

    • Configuration 43:
  • cpe:/o:sonicwall:tz500w_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz500w_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz500w:-:*:*:*:*:*:*:*

    • Configuration 44:
  • cpe:/o:sonicwall:tz570_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz570_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz570:-:*:*:*:*:*:*:*

    • Configuration 45:
  • cpe:/o:sonicwall:tz570p_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz570p_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz570p:-:*:*:*:*:*:*:*

    • Configuration 46:
  • cpe:/o:sonicwall:tz570w_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz570w_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz570w:-:*:*:*:*:*:*:*

    • Configuration 47:
  • cpe:/o:sonicwall:tz600_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz600_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz600:-:*:*:*:*:*:*:*

    • Configuration 48:
  • cpe:/o:sonicwall:tz600p_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz600p_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz600p:-:*:*:*:*:*:*:*

    • Configuration 49:
  • cpe:/o:sonicwall:tz670_firmware:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:sonicwall:tz670_firmware:*:*:*:*:*:*:*:* (Version < 6.5.4.10)
  • AND
  • cpe:/h:sonicwall:tz670:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    sonicwall tz300p firmware 7.0.0
    sonicwall tz300p firmware *
    sonicwall tz300p -
    sonicwall tz300w firmware 7.0.0
    sonicwall tz300w firmware *
    sonicwall tz300w -
    sonicwall tz350 firmware 7.0.0
    sonicwall tz350 firmware *
    sonicwall tz350 -
    sonicwall tz350w firmware 7.0.0
    sonicwall tz350w firmware *
    sonicwall tz350w -
    sonicwall nssp 10700 firmware *
    sonicwall nssp 10700 -
    sonicwall nssp 11700 firmware *
    sonicwall nssp 11700 -
    sonicwall nssp 12400 firmware *
    sonicwall nssp 12400 -
    sonicwall nssp 12800 firmware *
    sonicwall nssp 12800 -
    sonicwall nssp 13700 firmware *
    sonicwall nssp 13700 -
    sonicwall nssp 15700 firmware *
    sonicwall nssp 15700 -
    sonicwall tz370 firmware 7.0.0
    sonicwall tz370 firmware *
    sonicwall tz370 -
    sonicwall tz370w firmware 7.0.0
    sonicwall tz370w firmware *
    sonicwall tz370w -
    sonicwall tz400 firmware 7.0.0
    sonicwall tz400 firmware *
    sonicwall tz400 -
    sonicwall nsv 10 firmware *
    sonicwall nsv 10 -
    sonicwall nsv 100 firmware *
    sonicwall nsv 100 -
    sonicwall nsv 1600 firmware *
    sonicwall nsv 1600 -
    sonicwall nsv 200 firmware *
    sonicwall nsv 200 -
    sonicwall nsv 25 firmware *
    sonicwall nsv 25 -
    sonicwall nsv 270 firmware *
    sonicwall nsv 270 -
    sonicwall nsv 300 firmware *
    sonicwall nsv 300 -
    sonicwall nsv 400 firmware *
    sonicwall nsv 400 -
    sonicwall nsv 470 firmware *
    sonicwall nsv 470 -
    sonicwall nsv 50 firmware *
    sonicwall nsv 50 -
    sonicwall nsv 800 firmware *
    sonicwall nsv 800 -
    sonicwall nsv 870 firmware *
    sonicwall nsv 870 -
    sonicwall tz400w firmware 7.0.0
    sonicwall tz400w firmware *
    sonicwall tz400w -
    sonicwall tz470 firmware 7.0.0
    sonicwall tz470 firmware *
    sonicwall tz470 -
    sonicwall tz470w firmware 7.0.0
    sonicwall tz470w firmware *
    sonicwall tz470w -
    sonicwall tz500 firmware 7.0.0
    sonicwall tz500 firmware *
    sonicwall tz500 -
    sonicwall nsa 2650 firmware 7.0.0
    sonicwall nsa 2650 firmware *
    sonicwall nsa 2650 -
    sonicwall nsa 2700 firmware 7.0.0
    sonicwall nsa 2700 firmware *
    sonicwall nsa 2700 -
    sonicwall nsa 3650 firmware 7.0.0
    sonicwall nsa 3650 firmware *
    sonicwall nsa 3650 -
    sonicwall nsa 3700 firmware 7.0.0
    sonicwall nsa 3700 firmware *
    sonicwall nsa 3700 -
    sonicwall nsa 4650 firmware 7.0.0
    sonicwall nsa 4650 firmware *
    sonicwall nsa 4650 -
    sonicwall nsa 4700 firmware 7.0.0
    sonicwall nsa 4700 firmware *
    sonicwall nsa 4700 -
    sonicwall nsa 5650 firmware 7.0.0
    sonicwall nsa 5650 firmware *
    sonicwall nsa 5650 -
    sonicwall nsa 5700 firmware 7.0.0
    sonicwall nsa 5700 firmware *
    sonicwall nsa 5700 -
    sonicwall nsa 6650 firmware 7.0.0
    sonicwall nsa 6650 firmware *
    sonicwall nsa 6650 -
    sonicwall nsa 6700 firmware 7.0.0
    sonicwall nsa 6700 firmware *
    sonicwall nsa 6700 -
    sonicwall nsa 9250 firmware 7.0.0
    sonicwall nsa 9250 firmware *
    sonicwall nsa 9250 -
    sonicwall nsa 9450 firmware 7.0.0
    sonicwall nsa 9450 firmware *
    sonicwall nsa 9450 -
    sonicwall nsa 9650 firmware 7.0.0
    sonicwall nsa 9650 firmware *
    sonicwall nsa 9650 -
    sonicwall tz500w firmware 7.0.0
    sonicwall tz500w firmware *
    sonicwall tz500w -
    sonicwall tz570 firmware 7.0.0
    sonicwall tz570 firmware *
    sonicwall tz570 -
    sonicwall tz570p firmware 7.0.0
    sonicwall tz570p firmware *
    sonicwall tz570p -
    sonicwall tz570w firmware 7.0.0
    sonicwall tz570w firmware *
    sonicwall tz570w -
    sonicwall tz600 firmware 7.0.0
    sonicwall tz600 firmware *
    sonicwall tz600 -
    sonicwall tz600p firmware 7.0.0
    sonicwall tz600p firmware *
    sonicwall tz600p -
    sonicwall tz670 firmware 7.0.0
    sonicwall tz670 firmware *
    sonicwall tz670 -