CVE-2022-22276 : A vulnerability in SonicOS SNMP service resulting exposure of sensitive informat

A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an unauthorized user.

Published 2022-04-27 17:15:07

Updated 2022-05-06 17:37:04

Source SonicWALL, Inc.

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2022-22276

Sonicwall » Tz300p Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz300p_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz300p » Version: N/A
Sonicwall » Tz300w Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz300w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz300w » Version: N/A
Sonicwall » Tz350 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz350_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz350 » Version: N/A
Sonicwall » Tz350w Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz350w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz350w » Version: N/A
Sonicwall » Nssp 10700 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nssp_10700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nssp 10700 » Version: N/A
Sonicwall » Nssp 11700 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nssp_11700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nssp 11700 » Version: N/A
Sonicwall » Nssp 12400 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nssp_12400_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nssp 12400 » Version: N/A
Sonicwall » Nssp 12800 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nssp_12800_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nssp 12800 » Version: N/A
Sonicwall » Nssp 13700 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nssp_13700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nssp 13700 » Version: N/A
Sonicwall » Nssp 15700 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nssp_15700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nssp 15700 » Version: N/A
Sonicwall » Tz370 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz370_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz370 » Version: N/A
Sonicwall » Tz370w Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz370w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz370w » Version: N/A
Sonicwall » Tz400 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz400_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz400 » Version: N/A
Sonicwall » Nsv 10 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_10_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 10 » Version: N/A
Sonicwall » Nsv 100 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 100 » Version: N/A
Sonicwall » Nsv 1600 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_1600_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 1600 » Version: N/A
Sonicwall » Nsv 200 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 200 » Version: N/A
Sonicwall » Nsv 25 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_25_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 25 » Version: N/A
Sonicwall » Nsv 270 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_270_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 270 » Version: N/A
Sonicwall » Nsv 300 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_300_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 300 » Version: N/A
Sonicwall » Nsv 400 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_400_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 400 » Version: N/A
Sonicwall » Nsv 470 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_470_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 470 » Version: N/A
Sonicwall » Nsv 50 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_50_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 50 » Version: N/A
Sonicwall » Nsv 800 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_800_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 800 » Version: N/A
Sonicwall » Nsv 870 Firmware
Versions before (<) 7.0.1.0
cpe:2.3:o:sonicwall:nsv_870_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsv 870 » Version: N/A
Sonicwall » Tz400w Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz400w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz400w » Version: N/A
Sonicwall » Tz470 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz470_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz470 » Version: N/A
Sonicwall » Tz470w Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz470w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz470w » Version: N/A
Sonicwall » Tz500 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz500 » Version: N/A
Sonicwall » Nsa 2650 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_2650_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 2650 » Version: N/A
Sonicwall » Nsa 2700 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_2700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 2700 » Version: N/A
Sonicwall » Nsa 3650 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_3650_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 3650 » Version: N/A
Sonicwall » Nsa 3700 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_3700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 3700 » Version: N/A
Sonicwall » Nsa 4650 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_4650_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 4650 » Version: N/A
Sonicwall » Nsa 4700 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_4700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 4700 » Version: N/A
Sonicwall » Nsa 5650 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_5650_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 5650 » Version: N/A
Sonicwall » Nsa 5700 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_5700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 5700 » Version: N/A
Sonicwall » Nsa 6650 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_6650_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 6650 » Version: N/A
Sonicwall » Nsa 6700 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_6700_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 6700 » Version: N/A
Sonicwall » Nsa 9250 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_9250_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 9250 » Version: N/A
Sonicwall » Nsa 9450 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_9450_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 9450 » Version: N/A
Sonicwall » Nsa 9650 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:nsa_9650_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Nsa 9650 » Version: N/A
Sonicwall » Tz500w Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz500w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz500w » Version: N/A
Sonicwall » Tz570 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz570_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz570 » Version: N/A
Sonicwall » Tz570p Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz570p_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz570p » Version: N/A
Sonicwall » Tz570w Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz570w_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz570w » Version: N/A
Sonicwall » Tz600 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz600_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz600 » Version: N/A
Sonicwall » Tz600p Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz600p_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz600p » Version: N/A
Sonicwall » Tz670 Firmware
Versions before (<) 7.0.1
cpe:2.3:o:sonicwall:tz670_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Sonicwall » Tz670 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-22276

EPSS FAQ

0.31%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 51 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-22276

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2022-22276

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Assigned by:
- nvd@nist.gov (Primary)
- PSIRT@sonicwall.com (Secondary)

References for CVE-2022-22276

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004

Security Advisory
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-22276

Products affected by CVE-2022-22276

Exploit prediction scoring system (EPSS) score for CVE-2022-22276

CVSS scores for CVE-2022-22276

CWE ids for CVE-2022-22276

References for CVE-2022-22276