CVE-2022-22275
7.5HIGH
Summary
Improper Restriction of TCP Communication Channel in HTTP/S inbound traffic from WAN to DMZ bypassing security policy until TCP handshake potentially resulting in Denial of Service (DoS) attack if a target host is vulnerable.
Affected Version(s)
SonicOS = SonicOS Gen 7 TZ-Series 7.0.1-5030-R2007 and earlier versions.
SonicOS = SonicOS Gen 7 NSa-Series 7.0.1-5030-R2007 and earlier versions.
SonicOS = SonicOS Gen 7 NSv-Series 7.0.1.0-5030-1391 and earlier versions.
Refferences
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database