Heap-based Buffer Overflow in SonicWall SMA100 Appliance
CVE-2022-2915

8.8HIGH

Key Information:

Vendor: Sonicwall
Status: Sma100
Vendor: CVE Published:; 26 August 2022

What is CVE-2022-2915?

A Heap-based Buffer Overflow vulnerability in SonicWall's SMA100 appliance allows remote authenticated attackers to exploit the system, potentially resulting in a Denial of Service (DoS) condition or even unauthorized code execution. This vulnerability is present in versions 10.2.1.5-34sv and previous releases, making it crucial for users to promptly apply updates and mitigations to safeguard their systems.

Affected Version(s)

SMA100 10.2.1.5-34sv and earlier

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-202...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 26, 2022
Vulnerability Reserved
Aug 19, 2022

Sonicwall

What is CVE-2022-2915?

Affected Version(s)

References

CVSS V3.1

Timeline