Improperly Implemented Security Check in SonicWall Hosted Email Security
CVE-2022-2324

7.5HIGH

Key Information:

Vendor: Sonicwall
Status: Sonicwall Email Security
Vendor: CVE Published:; 29 July 2022

What is CVE-2022-2324?

A vulnerability in SonicWall Hosted Email Security allows for the bypass of the Capture ATP security service due to improperly implemented security checks. This impacts version 10.0.17.7319 and prior, posing risks to email security and data protection. To mitigate these risks, users are advised to update to a secure version as soon as possible.

Affected Version(s)

SonicWall Email Security 10.0.17.7319 and earlier

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2022
Vulnerability Reserved
Jul 5, 2022

Sonicwall

What is CVE-2022-2324?

Affected Version(s)

References

CVSS V3.1

Timeline