CVE-2022-22277 - Vulnerability Details

A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00164.

Key SSVC decision points have not yet been added.

Vendors	Products
Sonicwall	Nsa 2650 Nsa 2650 Firmware Nsa 2700 Nsa 2700 Firmware Nsa 3650 Nsa 3650 Firmware Nsa 3700 Nsa 3700 Firmware Nsa 4650 Nsa 4650 Firmware Nsa 4700 Nsa 4700 Firmware Nsa 5650 Nsa 5650 Firmware Nsa 5700 Nsa 5700 Firmware Nsa 6650 Nsa 6650 Firmware Nsa 6700 Nsa 6700 Firmware Nsa 9250 Nsa 9250 Firmware Nsa 9450 Nsa 9450 Firmware Nsa 9650 Nsa 9650 Firmware Nssp 10700 Nssp 10700 Firmware Nssp 11700 Nssp 11700 Firmware Nssp 12400 Nssp 12400 Firmware Nssp 12800 Nssp 12800 Firmware Nssp 13700 Nssp 13700 Firmware Nssp 15700 Nssp 15700 Firmware Nsv 10 Nsv 100 Nsv 100 Firmware Nsv 10 Firmware Nsv 1600 Nsv 1600 Firmware Nsv 200 Nsv 200 Firmware Nsv 25 Nsv 25 Firmware Nsv 270 Nsv 270 Firmware Nsv 300 Nsv 300 Firmware Nsv 400 Nsv 400 Firmware Nsv 470 Nsv 470 Firmware Nsv 50 Nsv 50 Firmware Nsv 800 Nsv 800 Firmware Nsv 870 Nsv 870 Firmware Tz300p Tz300p Firmware Tz300w Tz300w Firmware Tz350 Tz350 Firmware Tz350w Tz350w Firmware Tz370 Tz370 Firmware Tz370w Tz370w Firmware Tz400 Tz400 Firmware Tz400w Tz400w Firmware Tz470 Tz470 Firmware Tz470w Tz470w Firmware Tz500 Tz500 Firmware Tz500w Tz500w Firmware Tz570 Tz570 Firmware Tz570p Tz570p Firmware Tz570w Tz570w Firmware Tz600 Tz600 Firmware Tz600p Tz600p Firmware Tz670 Tz670 Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:sonicwall:tz300p_firmware::::::::
	cpe:2.3:o:sonicwall:tz300p_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:sonicwall:tz300w_firmware::::::::
	cpe:2.3:o:sonicwall:tz300w_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

OR	cpe:2.3:o:sonicwall:tz350_firmware::::::::
	cpe:2.3:o:sonicwall:tz350_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:sonicwall:tz350w_firmware::::::::
	cpe:2.3:o:sonicwall:tz350w_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:sonicwall:nssp_10700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:sonicwall:nssp_11700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:sonicwall:nssp_12400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:sonicwall:nssp_12800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:sonicwall:nssp_13700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:sonicwall:nssp_15700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

OR	cpe:2.3:o:sonicwall:tz370_firmware::::::::
	cpe:2.3:o:sonicwall:tz370_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

OR	cpe:2.3:o:sonicwall:tz370w_firmware::::::::
	cpe:2.3:o:sonicwall:tz370w_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

OR	cpe:2.3:o:sonicwall:tz400_firmware::::::::
	cpe:2.3:o:sonicwall:tz400_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:sonicwall:nsv_10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:sonicwall:nsv_100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:sonicwall:nsv_1600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:sonicwall:nsv_200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:sonicwall:nsv_25_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:sonicwall:nsv_270_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:sonicwall:nsv_300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:sonicwall:nsv_400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:sonicwall:nsv_470_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:sonicwall:nsv_50_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:sonicwall:nsv_800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:sonicwall:nsv_870_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

OR	cpe:2.3:o:sonicwall:tz400w_firmware::::::::
	cpe:2.3:o:sonicwall:tz400w_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

OR	cpe:2.3:o:sonicwall:tz470_firmware::::::::
	cpe:2.3:o:sonicwall:tz470_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

OR	cpe:2.3:o:sonicwall:tz470w_firmware::::::::
	cpe:2.3:o:sonicwall:tz470w_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

OR	cpe:2.3:o:sonicwall:tz500_firmware::::::::
	cpe:2.3:o:sonicwall:tz500_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_2650_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_2650_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_2700_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_2700_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_3650_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_3650_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_3700_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_3700_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_4650_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_4650_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_4700_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_4700_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_5650_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_5650_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_5700_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_5700_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_6650_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_6650_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_6700_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_6700_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_9250_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_9250_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_9450_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_9450_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

OR	cpe:2.3:o:sonicwall:nsa_9650_firmware::::::::
	cpe:2.3:o:sonicwall:nsa_9650_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

OR	cpe:2.3:o:sonicwall:tz500w_firmware::::::::
	cpe:2.3:o:sonicwall:tz500w_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

OR	cpe:2.3:o:sonicwall:tz570_firmware::::::::
	cpe:2.3:o:sonicwall:tz570_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

OR	cpe:2.3:o:sonicwall:tz570p_firmware::::::::
	cpe:2.3:o:sonicwall:tz570p_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

OR	cpe:2.3:o:sonicwall:tz570w_firmware::::::::
	cpe:2.3:o:sonicwall:tz570w_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

OR	cpe:2.3:o:sonicwall:tz600_firmware::::::::
	cpe:2.3:o:sonicwall:tz600_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

OR	cpe:2.3:o:sonicwall:tz600p_firmware::::::::
	cpe:2.3:o:sonicwall:tz600p_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

OR	cpe:2.3:o:sonicwall:tz670_firmware::::::::
	cpe:2.3:o:sonicwall:tz670_firmware:7.0.0:::::::*

cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2022-27424	A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive information in cleartext.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004

History

No history.

MITRE

Status: PUBLISHED

Assigner: sonicwall

Published: 2022-04-27T16:25:16

Updated: 2024-08-03T03:07:50.394Z

Reserved: 2021-12-29T00:00:00

Link: CVE-2022-22277

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-04-27T17:15:07.397

Modified: 2024-11-21T06:46:32.693

Link: CVE-2022-22277

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object